General
Target: a79f7acee5764ff3e3f14bdd8a021cfa393bc53030a8b2b90601a9b0a4f28b59
Size: 32KB
Sample: 240625-zwhk8awanp
MD5: 450a158c29545d79072e8eda82ed7acd
SHA1: c52338065058b5af943b4eb22c49402cdd548f1b
SHA256: a79f7acee5764ff3e3f14bdd8a021cfa393bc53030a8b2b90601a9b0a4f28b59
SHA512: a75d0f9527a6eab60abd2170550660c3189f905d44c886c876e2c4611478e52a21956f29c299544bc43a32f60b83dbc509a41671b3c0d2336be7c8d9d73eb28f
SSDEEP: 192:kI24cZEvA+6/6rNavrgYjk+4bWliuVsJ8n7UjkOuqCsLIg0jyI90t7a/RJza:kxyiSwvxjk+tikd7UwqCcIg0jzCtO/
Behavioral task: behavioral1
Sample: a79f7acee5764ff3e3f14bdd8a021cfa393bc53030a8b2b90601a9b0a4f28b59.doc
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: a79f7acee5764ff3e3f14bdd8a021cfa393bc53030a8b2b90601a9b0a4f28b59.doc
Resource: win10v2004-20240611-en
Malware Config
Extracted
http://10.10.100.200/run64.ps1
Targets
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Drops file in System32 directory