General
-
Target
9b4b75c09078265dbd0f5438d66f98b09e85921ebd27d1a10af486347b31fce2
-
Size
31KB
-
Sample
240724-1fnmza1eqg
-
MD5
8c86b2b91d5028baf6c3b3cc9880db5a
-
SHA1
f54d390aa3e2b94f01e57bcbec77ae544999516a
-
SHA256
9b4b75c09078265dbd0f5438d66f98b09e85921ebd27d1a10af486347b31fce2
-
SHA512
64cb5d734354037aa3d1ec25af7af558e1b3b71fb6c2e1ded776b4ba14fbd54e1132adf4cf57600f2fcf7928a49fd68fbfe63682e8b2ab24bbc154bf65a88388
-
SSDEEP
192:lSCuRSZEvAqD4xi6/6ro7eOWVDExMXHlkp8Upcdy2s50jAnTWtTdE7aA:lSrhiSoqONxQ+WQc02s50jA6th6
Behavioral task
behavioral1
Sample
9b4b75c09078265dbd0f5438d66f98b09e85921ebd27d1a10af486347b31fce2.doc
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
9b4b75c09078265dbd0f5438d66f98b09e85921ebd27d1a10af486347b31fce2.doc
Resource
win10v2004-20240709-en
Malware Config
Extracted
http://192.168.3.10/rev.ps1
Targets
-
-
Target
9b4b75c09078265dbd0f5438d66f98b09e85921ebd27d1a10af486347b31fce2
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Drops file in System32 directory
-