General
Target: 01d2bcd9bf0298f75aeb0a92297cde5e
Size: 36KB
Sample: 231219-mazamaghhl
MD5: 01d2bcd9bf0298f75aeb0a92297cde5e
SHA1: 9800cb48ace647854cb43097cb9d6b727e474942
SHA256: d99296b6e5da9bd84687cfbe8851302f68d366117c1251ce7b2a841113827726
SHA512: d33737c7da8cf19a0635c315aff7d9f7fc6476e1334f08084be41724c36ab30f4a981f08a829572d2a4eadf30b4dfde157da50f2e3da3f05d2295d5245cb4bc4
SSDEEP: 768:EPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJz4pAi9qf/I3dTrK:gok3hbdlylKsgqopeJBWhZFGkE+cL2N6
Behavioral task: behavioral1
Sample: 01d2bcd9bf0298f75aeb0a92297cde5e.xls
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 01d2bcd9bf0298f75aeb0a92297cde5e.xls
Resource: win10v2004-20231215-en
Malware Config
Extracted
https://statedauto.com/wp-data.php
https://markens.online/wp-data.php
Targets
Target: 01d2bcd9bf0298f75aeb0a92297cde5e
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request