General
-
Target
SecuriteInfo.com.Exploit.Siggen3.2491.3650.28971.xlsx
-
Size
36KB
-
Sample
240910-dtlzzathrr
-
MD5
1f168ac4f678476e493552e65995ae1a
-
SHA1
592dc08e825b709ce6659b6fe0e0115f3b3c07c4
-
SHA256
c42f5a5dd598b693fbe399ee2373e90ff0316935e923a81b39c4700fef60e0ea
-
SHA512
4536a1a23539280e5fde4d398577a36a44e0c51ef2d6a2eb452037c6b7b1cdd3de80fbfb96a972fac367f9986c741a5ca386e2d8a846b2fa9fadcce758e80767
-
SSDEEP
768:iPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJf63KmlDnNzbFwv4:Gok3hbdlylKsgqopeJBWhZFGkE+cL2Nd
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Exploit.Siggen3.2491.3650.28971.xls
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Exploit.Siggen3.2491.3650.28971.xls
Resource
win10v2004-20240802-en
Malware Config
Extracted
https://syracuse.best/wp-data.php
https://skill.fashion/wp-data.php
Targets
-
-
Target
SecuriteInfo.com.Exploit.Siggen3.2491.3650.28971.xlsx
-
Size
36KB
-
MD5
1f168ac4f678476e493552e65995ae1a
-
SHA1
592dc08e825b709ce6659b6fe0e0115f3b3c07c4
-
SHA256
c42f5a5dd598b693fbe399ee2373e90ff0316935e923a81b39c4700fef60e0ea
-
SHA512
4536a1a23539280e5fde4d398577a36a44e0c51ef2d6a2eb452037c6b7b1cdd3de80fbfb96a972fac367f9986c741a5ca386e2d8a846b2fa9fadcce758e80767
-
SSDEEP
768:iPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJf63KmlDnNzbFwv4:Gok3hbdlylKsgqopeJBWhZFGkE+cL2Nd
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-