General
-
Target
ee608bd24b903bca3c47a34ad94e8dd995b99458e0a06b459a76acef8365657f
-
Size
213KB
-
Sample
241113-zt1n1sygph
-
MD5
1055aec3fcf020f2b1c30f621b74305d
-
SHA1
3535991115965a4ba02bba48b63b1cd3e333357f
-
SHA256
ee608bd24b903bca3c47a34ad94e8dd995b99458e0a06b459a76acef8365657f
-
SHA512
44e8451c96cdbc95f0220185fa441157bae9f9a6e3d4383023d1a415dec3cc2f2a55d486c15650070e82ac07c8b904a7fc716a9de589014cbaf5f7abaa17f7e0
-
SSDEEP
6144:A/2k44tGiL3HJk9bD7bWjLDPWvCoqIFDL:A/hQitkZ7b8yDL
Behavioral task
behavioral1
Sample
ee608bd24b903bca3c47a34ad94e8dd995b99458e0a06b459a76acef8365657f.doc
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ee608bd24b903bca3c47a34ad94e8dd995b99458e0a06b459a76acef8365657f.doc
Resource
win10v2004-20241007-en
Malware Config
Extracted
http://diwafashions.com/wp-admin/mqau6/
http://designers.hotcom-web.com/ubkskw29clek/qnpm1p/
http://dixartcontractors.com/cgi-bin/nnuv/
http://diaspotv.info/wordpress/G/
http://easyvisaoverseas.com/cgi-bin/v/
Targets
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-