General
-
Target
E4_INV_pd0622463.doc
-
Size
206KB
-
Sample
230328-rzj98abe99
-
MD5
99a96323e20fc70cef855547068e34ba
-
SHA1
98d4e8a4dacc02e9a64afbcc638631894f97dfaa
-
SHA256
e67a24ae89683460405b6f1ecbac115fc549588234ccf8fcc34a174e9b179502
-
SHA512
5eaa28a4ab909ae3816afc43f68a28891d460ae1db184955b157767e8029f3d34178e8a2721d0e89ed52e79540043fa5ec87773a38e19a3c7e8635f84392521c
-
SSDEEP
1536:3QBLceqLDr80L1lKugpEWoKtMH1Ky2ccCEIOVFzwquIi0OymgBGvhY61LqB8T6IJ:ABLcXHr80sM7AI0OquZSm5vhYBjIGYD
Behavioral task
behavioral1
Sample
E4_INV_pd0622463.doc
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
E4_INV_pd0622463.doc
Resource
win10v2004-20230220-en
Malware Config
Extracted
http://gamaes.shop/wp-content/plugins/sSTToaEwCG5VASw/
http://newsaarctech.com/wp-content/Sx9tvV5/
http://www.fizik.tv.tr/ex/mlFHNKb9x/
https://shopallcars.com/node_modules/dXF0W/
https://infohybrid.com/assets/Lq5vllPN/
http://fse.in.ua/layouts/WMIxdId0bHiS/GnfihOVGqjmsWPJg4/
Targets
-
-
Target
E4_INV_pd0622463.doc
-
Size
206KB
-
MD5
99a96323e20fc70cef855547068e34ba
-
SHA1
98d4e8a4dacc02e9a64afbcc638631894f97dfaa
-
SHA256
e67a24ae89683460405b6f1ecbac115fc549588234ccf8fcc34a174e9b179502
-
SHA512
5eaa28a4ab909ae3816afc43f68a28891d460ae1db184955b157767e8029f3d34178e8a2721d0e89ed52e79540043fa5ec87773a38e19a3c7e8635f84392521c
-
SSDEEP
1536:3QBLceqLDr80L1lKugpEWoKtMH1Ky2ccCEIOVFzwquIi0OymgBGvhY61LqB8T6IJ:ABLcXHr80sM7AI0OquZSm5vhYBjIGYD
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-