General
Target: 23a39fc01343eb1b5a1ec43f92409497d73d52c8a369706a6148f9f2d7e22e86
Size: 12KB
Sample: 240522-3fhstsdb3y
MD5: 84ab132cf78808f377b89a0a547e4c75
SHA1: d28ec3424531c30489c0eccf505c26c0fdac06d7
SHA256: 23a39fc01343eb1b5a1ec43f92409497d73d52c8a369706a6148f9f2d7e22e86
SHA512: 011d061413d9db29dbd67a53b0bc031b9b43fad6051cf0a128994450f61915304fed32f151efa76527c03733bbc3a42e5dff37ba3ec8f56429a5ab9902c3f057
SSDEEP: 192:FL29RBzDzeobchBj8JON/ON1druErEPEjr7AhI:929jnbcvYJOAxuEvr7CI
Static task: static1
Behavioral task: behavioral1
Sample: 23a39fc01343eb1b5a1ec43f92409497d73d52c8a369706a6148f9f2d7e22e86.xll
Resource: win10v2004-20240426-en
Behavioral task: behavioral2
Sample: 23a39fc01343eb1b5a1ec43f92409497d73d52c8a369706a6148f9f2d7e22e86.xll
Resource: win11-20240508-en
Malware Config
Extracted
Targets
Score: 10/10

Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Blocklisted process makes network request

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Loads dropped DLL