General
-
Target
a903600e701a671c3eaaae0a24b8f3c8afdd16d0e831df015e92d7c6ad064b44
-
Size
33KB
-
Sample
240625-z2jepswdmr
-
MD5
9848b661a2ad27dc17ade9acb24a9765
-
SHA1
7099c664c44580f7432140a7f5768bdf40f0b6e6
-
SHA256
a903600e701a671c3eaaae0a24b8f3c8afdd16d0e831df015e92d7c6ad064b44
-
SHA512
92231e4e6bb84a3e256186ffd06f1d6c5c71f1c129d4da121278b48339b838750d6a7c101af8035ed05484033cab90511103c7b18eaacc267c156f2447d44b28
-
SSDEEP
192:N24cZEvA+6/6rNavrgYjk+4bWlzEtsPXZJtxzpaJYacnVg0jlnotX6Yv9Bwgodac:0yiSwvxjk+tz2mJnpoBgVg0jmtFg
Behavioral task
behavioral1
Sample
a903600e701a671c3eaaae0a24b8f3c8afdd16d0e831df015e92d7c6ad064b44.doc
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
a903600e701a671c3eaaae0a24b8f3c8afdd16d0e831df015e92d7c6ad064b44.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://10.10.100.200/run64.ps1
Targets
-
-
Target
a903600e701a671c3eaaae0a24b8f3c8afdd16d0e831df015e92d7c6ad064b44
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Drops file in System32 directory
-