General
-
Target
50964faa7fe10a1fdc698e847d8b468ff2dedd85c353231750cc198453ba6f75
-
Size
12KB
-
Sample
240522-yr6xksef53
-
MD5
10e4c8c61c715af85c4cedc1ee10cfa9
-
SHA1
d6a9cd1414ba2f841b87278fae980ebc1d7d41dd
-
SHA256
50964faa7fe10a1fdc698e847d8b468ff2dedd85c353231750cc198453ba6f75
-
SHA512
04c732e5703853e4cb93641c2be9aa35ebee8bfe0214b73831297c3d050bd2c8c169ac1eb6a31349b1453ba7f175911f3245b6d3b7db4a2ecbeb5a8054764d40
-
SSDEEP
192:zL29RBzDzeobchBj8JONMONaruPrEPEjr7AhnP:v29jnbcvYJONcuPvr7CP
Static task
static1
Behavioral task
behavioral1
Sample
50964faa7fe10a1fdc698e847d8b468ff2dedd85c353231750cc198453ba6f75.xll
Resource
win10v2004-20240426-en
Behavioral task
behavioral2
Sample
50964faa7fe10a1fdc698e847d8b468ff2dedd85c353231750cc198453ba6f75.xll
Resource
win11-20240508-en
Malware Config
Extracted
Targets
-
-
Target
50964faa7fe10a1fdc698e847d8b468ff2dedd85c353231750cc198453ba6f75
-
Size
12KB
-
MD5
10e4c8c61c715af85c4cedc1ee10cfa9
-
SHA1
d6a9cd1414ba2f841b87278fae980ebc1d7d41dd
-
SHA256
50964faa7fe10a1fdc698e847d8b468ff2dedd85c353231750cc198453ba6f75
-
SHA512
04c732e5703853e4cb93641c2be9aa35ebee8bfe0214b73831297c3d050bd2c8c169ac1eb6a31349b1453ba7f175911f3245b6d3b7db4a2ecbeb5a8054764d40
-
SSDEEP
192:zL29RBzDzeobchBj8JONMONaruPrEPEjr7AhnP:v29jnbcvYJONcuPvr7CP
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-