General
-
Target
a5fa1253dc8138ced1a4eb386416747b
-
Size
36KB
-
Sample
240226-k5cc8sac7y
-
MD5
a5fa1253dc8138ced1a4eb386416747b
-
SHA1
27c36ad916dc756a3d8295667be6d695280d0840
-
SHA256
178eadb3e7261c0fe13ccf971c74772eb8cc9610d9b3c71d6a5ddef5dc69b7fd
-
SHA512
8fdaf2ad51bb25cf23e49d26663b597b34d0ae310cb05fb946b6f56bef4d2d684ea1cd8205d45dfe47d9418eab584ab8ad64fc83e8e9db8d00b3d9781b388c28
-
SSDEEP
768:EPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJpZ4dDOIoqSZMjvz6:gok3hbdlylKsgqopeJBWhZFGkE+cL2Nw
Behavioral task
behavioral1
Sample
a5fa1253dc8138ced1a4eb386416747b.xls
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a5fa1253dc8138ced1a4eb386416747b.xls
Resource
win10v2004-20240221-en
Malware Config
Extracted
https://markens.online/wp-data.php
https://statedauto.com/wp-data.php
Targets
-
-
Target
a5fa1253dc8138ced1a4eb386416747b
-
Size
36KB
-
MD5
a5fa1253dc8138ced1a4eb386416747b
-
SHA1
27c36ad916dc756a3d8295667be6d695280d0840
-
SHA256
178eadb3e7261c0fe13ccf971c74772eb8cc9610d9b3c71d6a5ddef5dc69b7fd
-
SHA512
8fdaf2ad51bb25cf23e49d26663b597b34d0ae310cb05fb946b6f56bef4d2d684ea1cd8205d45dfe47d9418eab584ab8ad64fc83e8e9db8d00b3d9781b388c28
-
SSDEEP
768:EPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJpZ4dDOIoqSZMjvz6:gok3hbdlylKsgqopeJBWhZFGkE+cL2Nw
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-