General
Target: 1a5f49d60889b9f27ab375297acc7846
Size: 36KB
Sample: 231221-2qznnafccq
MD5: 1a5f49d60889b9f27ab375297acc7846
SHA1: d090e9dbafd621621d9b89d7936b7036f0006d00
SHA256: 028a360c1966a2b469e3d928f6fcdf033965db2cccaaf4bb82c3459e287fd082
SHA512: f9fe15c7730745788199cee3c915117f279036fa3f7fb5b5d2400ccc98101ed15af11dca6f2e91ad5573264e2c98555a932ec27b7a8ceb649b5410bc14c43a3f
SSDEEP: 768:MPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJ5tvOeThMUXsrlNWNtu:Yok3hbdlylKsgqopeJBWhZFGkE+cL2NH
Behavioral task: behavioral1
Sample: 1a5f49d60889b9f27ab375297acc7846.xls
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 1a5f49d60889b9f27ab375297acc7846.xls
Resource: win10v2004-20231215-en
Malware Config
Extracted
https://statedauto.com/wp-data.php
https://markens.online/wp-data.php
Targets
Target: 1a5f49d60889b9f27ab375297acc7846
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request