General
Target: db2b9f294b9cabc92aed4e840bf635fe3ac924f62e7043c2549840adde00e55c
Size: 12KB
Sample: 240522-zdvstsfg67
MD5: b54f29afbebe0ee91ead7d1028a4c80a
SHA1: 5a71e236365b4d49a9d1dfad28edbaa925cc6650
SHA256: db2b9f294b9cabc92aed4e840bf635fe3ac924f62e7043c2549840adde00e55c
SHA512: 0121b4b65e57ae207c7cf24c915a3ffd1b2cf039f3fedd0ee9c812beb57e14181abd8031c88a56f1966733b02f8afa42d6cc954f9ddcc84d1f842bf45e7cd44b
SSDEEP: 192:oL29RBzDzeobchBj8JONvONPruZrEPEjr7AhY:m29jnbcvYJOw9uZvr7CY

Static task: static1

Behavioral task: behavioral1
Sample: db2b9f294b9cabc92aed4e840bf635fe3ac924f62e7043c2549840adde00e55c.xll
Resource: win10v2004-20240426-en

Behavioral task: behavioral2
Sample: db2b9f294b9cabc92aed4e840bf635fe3ac924f62e7043c2549840adde00e55c.xll
Resource: win11-20240508-en

Malware Config
Extracted
Targets
Target: db2b9f294b9cabc92aed4e840bf635fe3ac924f62e7043c2549840adde00e55c
Score: 10/10

Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Blocklisted process makes network request

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Loads dropped DLL