General
-
Target
74f6764dcfaf9ce6c8b0240489f7af1f
-
Size
36KB
-
Sample
240125-twprmsaeg9
-
MD5
74f6764dcfaf9ce6c8b0240489f7af1f
-
SHA1
abe5316a7658622a927d87feb57992bc562405bb
-
SHA256
fc53b8c15b9306fdeabdbb543e7d5b454f0e23fe7dbb4c07aa881d1bd82cbc4f
-
SHA512
ceed2e8ff6044cf6fa67cb511fd7e1b5431a7c467689fb8837c2edc81543a170b6d635f99cdbfde00d5d3ae21c26bf3a4d866da016df8fab944de84867314eb0
-
SSDEEP
768:MPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJezaHkho6a39YQQICQMEbdUm11S:Yok3hbdlylKsgqopeJBWhZFGkE+cL2N3
Behavioral task
behavioral1
Sample
74f6764dcfaf9ce6c8b0240489f7af1f.xls
Resource
win7-20231215-en
Malware Config
Extracted
https://markens.online/wp-data.php
https://statedauto.com/wp-data.php
Targets
-
-
Target
74f6764dcfaf9ce6c8b0240489f7af1f
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-