General
Target
9fb9f5ccc0af9acbc28bef2fe4bdcf29
Size
36KB
Sample
240216-hqh65acd8z
MD5
9fb9f5ccc0af9acbc28bef2fe4bdcf29
SHA1
aaed45346180ebfd2cf81cf00e86f4eebb58a27c
SHA256
bdf5294285e2792cf563b246673ab836bcf9cf8a9b3065cc45711111decd17a5
SHA512
dbad4076cbe5806952422a787b6962bc2e75b5a6c8b1746ade18b5f9e4c749c72c0e6849542ff87bf1864b2de0b0f76fa38a2720267d4e431b00e92fa1b18018
SSDEEP
768:VPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJemYcwNjCn3T69vrM:dok3hbdlylKsgqopeJBWhZFGkE+cL2NW
Behavioral task
behavioral1
Sample
9fb9f5ccc0af9acbc28bef2fe4bdcf29.xls
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
9fb9f5ccc0af9acbc28bef2fe4bdcf29.xls
Resource
win10v2004-20231215-en
Malware Config
Extracted
https://statedauto.com/wp-data.php
https://markens.online/wp-data.php
Targets
Target
9fb9f5ccc0af9acbc28bef2fe4bdcf29
Score 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request