General
-
Target
66085ec20d2b85fa38b28e8b9b9677bcfb9878421f564ef140f2f71428a70e36
-
Size
12KB
-
Sample
240523-ac622aeb2v
-
MD5
6800bdb8e0bfd0d57762b346fdf5c03e
-
SHA1
9835f0143f70fc3afe57338da5996d9717d10cd9
-
SHA256
66085ec20d2b85fa38b28e8b9b9677bcfb9878421f564ef140f2f71428a70e36
-
SHA512
ef4f8958b4e9e5dd3cce884e37de60e7f4765b7801fe114a7a378ccf4deaaba251eff10ff4e7cfb6cae93e89082c8ea6eaf4c998cb9f8b0b2bfb814bb5f93827
-
SSDEEP
192:3L29RBzDzeobchBj8JON1ON8ruvrEPEjr7Aha:b29jnbcvYJOSyuvvr7Ca
Static task
static1
Behavioral task
behavioral1
Sample
66085ec20d2b85fa38b28e8b9b9677bcfb9878421f564ef140f2f71428a70e36.xll
Resource
win10v2004-20240426-en
Behavioral task
behavioral2
Sample
66085ec20d2b85fa38b28e8b9b9677bcfb9878421f564ef140f2f71428a70e36.xll
Resource
win11-20240426-en
Malware Config
Extracted
Targets
-
-
Target
66085ec20d2b85fa38b28e8b9b9677bcfb9878421f564ef140f2f71428a70e36
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-