General
-
Target
664f0db47f4835308b2b7ad59130953cd2b2c7da1aecbedf4bad18b1f480323b
-
Size
80KB
-
Sample
241120-p7mn7sxfjk
-
MD5
804a53940dbf5a13917c0752f466f435
-
SHA1
413f73d1dddf8d051b2bce50c57092f9c123476e
-
SHA256
664f0db47f4835308b2b7ad59130953cd2b2c7da1aecbedf4bad18b1f480323b
-
SHA512
400c2397918e1e4e9e5edf493852b448553202f27a24da0188fb736d2062bac299bed00bccc7b1b70ef101f96bd35539bc3ce36b0b9e7d1a4a76c2b2f882774c
-
SSDEEP
1536:ROOKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgG7HuS4VcTO9/r7UYdEJe5:RBKpb8rGYrMPe3q7Q0XV5xtezEsi8/dk
Behavioral task
behavioral1
Sample
664f0db47f4835308b2b7ad59130953cd2b2c7da1aecbedf4bad18b1f480323b.xls
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
664f0db47f4835308b2b7ad59130953cd2b2c7da1aecbedf4bad18b1f480323b.xls
Resource
win10v2004-20241007-en
Malware Config
Extracted
http://centaurussits.com/assets/FL/
http://cansal.cl/cgi-bin/besSIJTfOk0DtHZR/
http://chalkie.me.uk/cgi-bin/gMLuebzG2RskkJXwY/
http://www.cecambrils.cat/wp-content/0KwOSfNDESlzVMoc/
Targets
-
-
Target
664f0db47f4835308b2b7ad59130953cd2b2c7da1aecbedf4bad18b1f480323b
-
Size
80KB
-
MD5
804a53940dbf5a13917c0752f466f435
-
SHA1
413f73d1dddf8d051b2bce50c57092f9c123476e
-
SHA256
664f0db47f4835308b2b7ad59130953cd2b2c7da1aecbedf4bad18b1f480323b
-
SHA512
400c2397918e1e4e9e5edf493852b448553202f27a24da0188fb736d2062bac299bed00bccc7b1b70ef101f96bd35539bc3ce36b0b9e7d1a4a76c2b2f882774c
-
SSDEEP
1536:ROOKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgG7HuS4VcTO9/r7UYdEJe5:RBKpb8rGYrMPe3q7Q0XV5xtezEsi8/dk
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-