General
-
Target
Advanced Potion Making for Housewives.doc
-
Size
34KB
-
Sample
240524-sbtdnahh6s
-
MD5
469b95fc86426a814f5da1ef157f4ef9
-
SHA1
8f593a506441acff807bcc817f8ea4c39bba1c69
-
SHA256
551ba458639eeb32bcf9466a145166979701f9e923167c6109f5a4628548aeef
-
SHA512
fec0a9eedade34085a000ed9754d4ee78d5ef7c8cd7aacf81f982d55035c51f08f4dccf43f26543db9ad018aa7128fe6b58076263019bde9ab4d4e4f29b58530
-
SSDEEP
192:j6a7eHQYZEvAqkf01Y6/6rJ984woO+QHj1gPja3xSdYinDSdhshBbw8ri50jgtz4:j6T5iSJPw+QD1gQ6z1hBNi50j05tpY
Behavioral task
behavioral1
Sample
Advanced Potion Making for Housewives.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
Advanced Potion Making for Housewives.doc
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
Advanced Potion Making for Housewives.doc
-
Size
34KB
-
MD5
469b95fc86426a814f5da1ef157f4ef9
-
SHA1
8f593a506441acff807bcc817f8ea4c39bba1c69
-
SHA256
551ba458639eeb32bcf9466a145166979701f9e923167c6109f5a4628548aeef
-
SHA512
fec0a9eedade34085a000ed9754d4ee78d5ef7c8cd7aacf81f982d55035c51f08f4dccf43f26543db9ad018aa7128fe6b58076263019bde9ab4d4e4f29b58530
-
SSDEEP
192:j6a7eHQYZEvAqkf01Y6/6rJ984woO+QHj1gPja3xSdYinDSdhshBbw8ri50jgtz4:j6T5iSJPw+QD1gQ6z1hBNi50j05tpY
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-