General
-
Target
606fca5c43d5a2049ae41c0ab0226269b2ac0ab1270339356711ffb961a62601
-
Size
243KB
-
Sample
241111-vszccasejb
-
MD5
079f7765c25286da18b4c36fd8f8eb74
-
SHA1
0bd70437f96c22bd3107a8c26b0c518e7d715306
-
SHA256
606fca5c43d5a2049ae41c0ab0226269b2ac0ab1270339356711ffb961a62601
-
SHA512
9bf9cf19e415cf9421f4e4eb723b9c354ea3419fa3a1905a9c5dc6f91a0e65bda3e45cca6c445c74dcbe8e256c2e85400ebdb61d2d00f2b3b1d08a04efb88d7f
-
SSDEEP
6144:DKpbdrHYrMue8q7QPX+5xtFEdi8/dg/ThvsiKIjvl5fd1Xh8rsoX/w/0I:ghEXs5fXR8rsNj
Behavioral task
behavioral1
Sample
606fca5c43d5a2049ae41c0ab0226269b2ac0ab1270339356711ffb961a62601.xls
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
606fca5c43d5a2049ae41c0ab0226269b2ac0ab1270339356711ffb961a62601.xls
Resource
win10v2004-20241007-en
Malware Config
Extracted
Targets
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-