General
-
Target
1bf91913a78a65c10c5bb61a8a4c92e6b68bbc10b0851c5275b9886aae9acfda
-
Size
83KB
-
Sample
240829-zze99stcjl
-
MD5
c2387929be8ef7e965e02d7b8a57b1b8
-
SHA1
eed9c4a75000a59a48956b6c76484d1bc64d94a8
-
SHA256
1bf91913a78a65c10c5bb61a8a4c92e6b68bbc10b0851c5275b9886aae9acfda
-
SHA512
caeb0337d9c7fc28d5c4bc6c0b3ea634b04175594e4d9cfa483a8f1ccfbeeb70e79c95d344f9b44d927e6bf6bfa6a63548b24a5328de7e2702dbf6f8be975767
-
SSDEEP
1536:F5Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dgv91vrVmxJiME2GhdD52lZPFu1AOg/+tl:rKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgb
Behavioral task
behavioral1
Sample
1bf91913a78a65c10c5bb61a8a4c92e6b68bbc10b0851c5275b9886aae9acfda.xls
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
1bf91913a78a65c10c5bb61a8a4c92e6b68bbc10b0851c5275b9886aae9acfda.xls
Resource
win10v2004-20240802-en
Malware Config
Extracted
https://cabalasgov.com.br/OC3zbnSCG/j.html
https://guatec.com.br/NwnJ4ODx/j.html
https://site.advancertv.com/VbUzCCQo/j.html
Targets
Target
1bf91913a78a65c10c5bb61a8a4c92e6b68bbc10b0851c5275b9886aae9acfda
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.