General
-
Target
f0ad02679b76805d022cb854fb9651e73456dff99f45262da43f7d06a4c3368f
-
Size
83KB
-
Sample
240829-zv1emstanr
-
MD5
77b921106d0c335653180432a9c86485
-
SHA1
ddd647bccdde7b9838634f7a5637fd141d86a10c
-
SHA256
f0ad02679b76805d022cb854fb9651e73456dff99f45262da43f7d06a4c3368f
-
SHA512
93cca5d875d10194a4b90e4be019d3864f12580f50be92715af6d5c7b6058c779648e78bafb68b3a954cd686739698574ccd08b4fbc2c4300eec61ebe63b1e83
-
SSDEEP
1536:F5Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dgv91vrVmxJiME2GhdD52lZPFu1AOg/+tM:rKpb8rGYrMPe3q7Q0XV5xtezEsi8/dge
Behavioral task
behavioral1
Sample
f0ad02679b76805d022cb854fb9651e73456dff99f45262da43f7d06a4c3368f.xls
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
f0ad02679b76805d022cb854fb9651e73456dff99f45262da43f7d06a4c3368f.xls
Resource
win10v2004-20240802-en
Malware Config
Extracted
https://cabalasgov.com.br/OC3zbnSCG/j.html
https://guatec.com.br/NwnJ4ODx/j.html
https://site.advancertv.com/VbUzCCQo/j.html
Targets
-
-
Target
f0ad02679b76805d022cb854fb9651e73456dff99f45262da43f7d06a4c3368f
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-