General
Target: 2fd415ebb6e49cd4739096ceb648fc2190072a8a1d93cbc34181e1a6dcb3ad5e
Size: 29KB
Sample: 240629-1q9ceszhrk
MD5: 7cbc7205cb5331f5991e3f81dc64321f
SHA1: 47e95088e711df9eeff11763f56d09cf687bd9a3
SHA256: 2fd415ebb6e49cd4739096ceb648fc2190072a8a1d93cbc34181e1a6dcb3ad5e
SHA512: 8aa088f4eb23a929105b9e5040ae853a6fd11ec4a0814eaec30568957ec2df59f244d1d565216ece1dff5bae1fbb3f63ea4add2d71917fda54ae52abbf7929bb
SSDEEP: 192:g8iZEvA+6/6rupx+uh9dERlxJTrgpzA0jp4tWWKca:TiSupx+YdE5eA0jyt8
Behavioral task: behavioral1
Sample: 2fd415ebb6e49cd4739096ceb648fc2190072a8a1d93cbc34181e1a6dcb3ad5e.doc
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2fd415ebb6e49cd4739096ceb648fc2190072a8a1d93cbc34181e1a6dcb3ad5e.doc
Resource: win10v2004-20240508-en
Malware Config
Extracted
http://192.168.45.179/run.ps1
Targets
Target: 2fd415ebb6e49cd4739096ceb648fc2190072a8a1d93cbc34181e1a6dcb3ad5e
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Drops file in System32 directory