General
Target: 984f3f94ec87571743a3401b5b738600
Size: 35KB
Sample: 231219-zgvbgaahe4
MD5: 984f3f94ec87571743a3401b5b738600
SHA1: 8993fcf4403fb44facf1208909bb23d2fe4dd12e
SHA256: 8e9a497e4f0be8e69a5337f55771ff98841cd7b02b3edad7f34d31a0cafa936e
SHA512: 4af6c5d502a71b93ae7ed67cb0801f22317d249a5f8e7a2e58170dcfaf511ccd9effe45a1357e09843c581010a8b0aa193954a3b306f19e853d00f88c0278852
SSDEEP: 768:KPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJY8+JOa5QKz9vA1s:eok3hbdlylKsgqopeJBWhZFGkE+cL2NL
Behavioral task: behavioral1
Sample: 984f3f94ec87571743a3401b5b738600.xls
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 984f3f94ec87571743a3401b5b738600.xls
Resource: win10v2004-20231215-en
Malware Config
Extracted
https://statedauto.com/wp-data.php
https://markens.online/wp-data.php
Targets
Target: 984f3f94ec87571743a3401b5b738600
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request