General
-
Target
922d9b9625b73e108c9faca69fe0d2fb518a42abf09bf5f1ef78e475bbc5cf71
-
Size
94KB
-
Sample
241120-nhzf2a1jaj
-
MD5
6bd7cb35ad2cca70050ed677b627304c
-
SHA1
afbb1c91fc2d4f553e2f3d0b9c80b3436f795701
-
SHA256
922d9b9625b73e108c9faca69fe0d2fb518a42abf09bf5f1ef78e475bbc5cf71
-
SHA512
5b9d7e3837f5ae7b4cc8cf6edc6199707e803997d2d7a2008a73e19bd741195f6a170ec7f397e2480f0f16f70f98c3e995a75d66c71bf72206e43ace446231ff
-
SSDEEP
1536:JsKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgSUZx6FyxC3YGbl7BgWDFsqtNhWmDJdWh:6Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dgZ
Behavioral task
behavioral1
Sample
922d9b9625b73e108c9faca69fe0d2fb518a42abf09bf5f1ef78e475bbc5cf71.xls
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
922d9b9625b73e108c9faca69fe0d2fb518a42abf09bf5f1ef78e475bbc5cf71.xls
Resource
win10v2004-20241007-en
Malware Config
Extracted
https://bosny.com/aspnet_client/NGTx1FUzq/
https://www.berekethaber.com/hatax/c7crGdejW4380ORuxqR/
https://bulldogironworksllc.com/temp/BBh5HHpei/
Targets
Target
922d9b9625b73e108c9faca69fe0d2fb518a42abf09bf5f1ef78e475bbc5cf71
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-