General
Target
a04f91673ea0e8e3984a04d2063cb1bfe499b7bd0b7ce5d5674a2870fbbe5039
Size
39KB
Sample
240629-1l23jszgrl
MD5
fbcf39cd96c5a07931aa7e78df4ef17e
SHA1
b2776ef05a089dcb9dbddc93b64e6e20b5b9f0b6
SHA256
a04f91673ea0e8e3984a04d2063cb1bfe499b7bd0b7ce5d5674a2870fbbe5039
SHA512
9b9231604856fd4234ded485bc79fc4850bc668cc7300db61ee91f0aaa0678bdaaf1629970c3a4996a27c7f54839f86879ea4b089e20d2b4c02fd7d297e9a0f3
SSDEEP
384:NiSsqdg1vA96bt3SMbTJvwDQwnejDy/0jRht0Z:v+1o9LM3iRq6
Behavioral task
behavioral1
Sample
a04f91673ea0e8e3984a04d2063cb1bfe499b7bd0b7ce5d5674a2870fbbe5039.doc
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
a04f91673ea0e8e3984a04d2063cb1bfe499b7bd0b7ce5d5674a2870fbbe5039.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://192.168.45.179/run.ps1
Targets
Target
a04f91673ea0e8e3984a04d2063cb1bfe499b7bd0b7ce5d5674a2870fbbe5039
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Drops file in System32 directory