General
Target
01944c55c4d7e07f322aa6d6924ec19bb17e1e1a86ff4b0bf9f9281585c73f26
Size
59KB
Sample
240523-nemm3aeb8x
MD5
e416bb6d44ea4144e73d9f6bfd131060
SHA1
2ed98b87a91d9be7b6d18ae9b48a030e06471f00
SHA256
01944c55c4d7e07f322aa6d6924ec19bb17e1e1a86ff4b0bf9f9281585c73f26
SHA512
019de3fa55b192186c254a7e93e36dbfc2a8592170421a54a87edf79cc3d3605236dc7d74c6d32ec0847a27d20dd167fcd0f5011029ed6bfbfbcce0ecd2c1af0
SSDEEP
768:Vmgad+mMT+DhO0PJBlrULJpr0DQwMJFTPE8uY:VkV64BJ4LJUQwMJZM
Behavioral task
behavioral1
Sample
01944c55c4d7e07f322aa6d6924ec19bb17e1e1a86ff4b0bf9f9281585c73f26.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
01944c55c4d7e07f322aa6d6924ec19bb17e1e1a86ff4b0bf9f9281585c73f26.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
https://upload.standoff365.info/tubes/tyagi.exe
Targets
Target
01944c55c4d7e07f322aa6d6924ec19bb17e1e1a86ff4b0bf9f9281585c73f26
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request