General
Target: b05f88b93443f155daea5abd4be0be42b997502dbbfe8098cb6f0dccf8c56657
Size: 242KB
Sample: 241113-nxx7hszrhx
MD5: 811ef2654782202c6135c0b2c3dede5c
SHA1: 89a6122c7aa6f5a8edfa816dd4c1addab732f3d9
SHA256: b05f88b93443f155daea5abd4be0be42b997502dbbfe8098cb6f0dccf8c56657
SHA512: 0c4f46d4cb2f5dc61f501d487c9f4f27b56b0f09b9333e193e11ec3f4609acb267e40038421644d2147e5b3c8f237e367176dd79249d0cd9c97669f5b18439c4
SSDEEP: 6144:/0Rum7mdLRp1bbSBIR/EHGtCMXgTo8qoFt/etg+Zj80KY:/0E3dxtR/iU9mvUPZw0KY
Behavioral task: behavioral1
Sample: b05f88b93443f155daea5abd4be0be42b997502dbbfe8098cb6f0dccf8c56657.doc
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: b05f88b93443f155daea5abd4be0be42b997502dbbfe8098cb6f0dccf8c56657.doc
Resource: win10v2004-20241007-en
Malware Config
Extracted
http://lehraagrotech.com/wp-content/B/
http://emdgames.com/calendar/xos/
http://seca.infoavisos.com/wp-seca/f/
http://arx163.com/wp-admin/uw4/
http://youthplant.org/wp-admin/838/
Targets
Target: b05f88b93443f155daea5abd4be0be42b997502dbbfe8098cb6f0dccf8c56657
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory