General
-
Target
b6ee30cfa1d23aa024830b696e395843
-
Size
36KB
-
Sample
240306-jy8x7afh83
-
MD5
b6ee30cfa1d23aa024830b696e395843
-
SHA1
ad72ba11045f9f0913d43bf8e561fbf92e4b7fc2
-
SHA256
bd411d693800277644cd3cc29e61a605fea9713e35bb7a48a155a22975ca247d
-
SHA512
427d8ad8165bb1a9d1ab4b955b2daaa03d5c39da8adcedbf46b0c58c63d3e1519d3883a46fb5b73b935a21a8d56a43985cc12a7e5d0e071ee548147e7512ede0
-
SSDEEP
768:8PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJxHoEC3wvd85+HJCpK:ook3hbdlylKsgqopeJBWhZFGkE+cL2N6
Behavioral task
behavioral1
Sample
b6ee30cfa1d23aa024830b696e395843.xls
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
b6ee30cfa1d23aa024830b696e395843.xls
Resource
win10v2004-20240226-en
Malware Config
Extracted
https://statedauto.com/wp-data.php
https://markens.online/wp-data.php
Targets
-
Target
b6ee30cfa1d23aa024830b696e395843
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-