General
-
Target
2e46c6976dc0053fc0c482548460958df20ccf76fe61f41202ed0fa7c5726155
-
Size
206KB
-
Sample
241113-j8zghaybnc
-
MD5
d4aa61eba5ee0542cb5379181bd30adf
-
SHA1
91d17360f6a39c946bc7073f42c80ff7c125c5f3
-
SHA256
2e46c6976dc0053fc0c482548460958df20ccf76fe61f41202ed0fa7c5726155
-
SHA512
9da6cf0459b4cdfd03d3d073df008d64d7c2d413040e921d854b0335f8a76bf9e6434896097ac58a31067e4dee6c2b0b1f8906eb3bd7c8c2baa3c6d9e468adc3
-
SSDEEP
6144:dN2k4DtGiL3HJk9RD7b75nEZAe9ohV7W0:dNiQitk77b9EZH94V7W0
Static task
static1
Behavioral task
behavioral1
Sample
2e46c6976dc0053fc0c482548460958df20ccf76fe61f41202ed0fa7c5726155.doc
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2e46c6976dc0053fc0c482548460958df20ccf76fe61f41202ed0fa7c5726155.doc
Resource
win10v2004-20241007-en
Malware Config
Extracted
Targets
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-