General
Target: 8a304b04b8c480ab83508f0599edcb3b3970cc16df34c513b16c8781ebd3bd19
Size: 32KB
Sample: 240419-b94hvaee4w
MD5: 0d0c88337fda0ca2a004c7d7696079f0
SHA1: a94260ea968432aa9a30f94de14f76f2f18fa8cd
SHA256: 8a304b04b8c480ab83508f0599edcb3b3970cc16df34c513b16c8781ebd3bd19
SHA512: ba9de2ce345f8aa495a1a937bbba6c164c1c12fae88e61a00ee8848526d62f2066bc18a59f34c07161c4db5a40c630c31b873fc6f319dbdb241827bc86273a26
SSDEEP: 192:IIlLZEvA+6/6rNavrgYjk+4bWlW3INtb8t5CNw0y1sg0jZ/kfxaElrmXru:IE8iSwvxjk+tWOtwtAaf1sg0jMZrqru
Behavioral task: behavioral1
Sample: 8a304b04b8c480ab83508f0599edcb3b3970cc16df34c513b16c8781ebd3bd19.doc
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 8a304b04b8c480ab83508f0599edcb3b3970cc16df34c513b16c8781ebd3bd19.doc
Resource: win10v2004-20240412-en
Malware Config
Extracted
http://192.168.45.234:443/Tools/Heat/katz.txt
http://192.168.45.234:443/Tools/Heat/Shellm.txt
Targets
Target: 8a304b04b8c480ab83508f0599edcb3b3970cc16df34c513b16c8781ebd3bd19
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Drops file in System32 directory