General
Target: b3970659be5d7ebcfb49e251b24a795f
Size: 36KB
Sample: 240305-ddal1acf71
MD5: b3970659be5d7ebcfb49e251b24a795f
SHA1: afb4e951585a6325737fcbd2f09d2299c0a732d1
SHA256: 765a3fc715cd0a124f8f331a4f36b17b990e0aa571c7b7f97e4f3c3cef6a63b2
SHA512: 4dc436c923a1011a95a388778800610c6873108c92e2037687aac8d837469b05f1ef1d49ca4e7bc103dcb948b53f56e0b247c9cecf648a63db0248aa3a4ca53e
SSDEEP: 768:cPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJ3i90UIfxSx3gB4U11CcQ2:Iok3hbdlylKsgqopeJBWhZFGkE+cL2N6
Behavioral task: behavioral1
Sample: b3970659be5d7ebcfb49e251b24a795f.xls
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: b3970659be5d7ebcfb49e251b24a795f.xls
Resource: win10v2004-20240226-en
Malware Config
Extracted
https://markens.online/wp-data.php
https://statedauto.com/wp-data.php
Targets
Target: b3970659be5d7ebcfb49e251b24a795f
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.