General
-
Target
007c20517afab72e5c9ed96b468288d0
-
Size
36KB
-
Sample
231219-l8sp3agahp
-
MD5
007c20517afab72e5c9ed96b468288d0
-
SHA1
11dbcb86b6739805dc9203564ea0e293fa0a7223
-
SHA256
ef39ad640943ff72b43a7e342d6759346a8b448f59b0099b54a5a9bcad837fd0
-
SHA512
54793c759a2a1187a5f1fa9be5cc37867d35278a48a161dcc8fc99a059f1857b5235cc63d1198bb4ea82ba6d6953a0745d126cce5f7c185e44cf2592fc0a9266
-
SSDEEP
768:gPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJCzMXSOfs4dQHY:sok3hbdlylKsgqopeJBWhZFGkE+cL2NC
Behavioral task
behavioral1
Sample
007c20517afab72e5c9ed96b468288d0.xls
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
007c20517afab72e5c9ed96b468288d0.xls
Resource
win10v2004-20231215-en
Malware Config
Extracted
https://statedauto.com/wp-data.php
https://markens.online/wp-data.php
Targets
-
-
Target
007c20517afab72e5c9ed96b468288d0
-
Size
36KB
-
MD5
007c20517afab72e5c9ed96b468288d0
-
SHA1
11dbcb86b6739805dc9203564ea0e293fa0a7223
-
SHA256
ef39ad640943ff72b43a7e342d6759346a8b448f59b0099b54a5a9bcad837fd0
-
SHA512
54793c759a2a1187a5f1fa9be5cc37867d35278a48a161dcc8fc99a059f1857b5235cc63d1198bb4ea82ba6d6953a0745d126cce5f7c185e44cf2592fc0a9266
-
SSDEEP
768:gPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJCzMXSOfs4dQHY:sok3hbdlylKsgqopeJBWhZFGkE+cL2NC
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-