General
-
Target
3d6efe59037f7b5399b5ca0b40fa9ed242894f5be067473ef67c415fdac3fe08
-
Size
12KB
-
Sample
241121-2f5rxstjak
-
MD5
246f6e341a018a190858461e5d70a3d5
-
SHA1
ab7fc9fce66be0adab63ba60bced3917af44111c
-
SHA256
3d6efe59037f7b5399b5ca0b40fa9ed242894f5be067473ef67c415fdac3fe08
-
SHA512
ad27e2028b5f9c1bce4ae16a868cedf42ca2a76350189eb17d086f76774e84af1b38e6e1fc97ed9b91516822feac6061f2bfbb3697aad8ca7681d53052397d93
-
SSDEEP
192:fSPwABUTshE2sOcupEZZezsHN3grRwyCawd2lYq0vGiENSqE7n+V63dWiiml:xTsdA2EGcoWat6qQ8JEy6NWc
Static task
static1
Behavioral task
behavioral1
Sample
6ffda0323b69bb875a8360bcdd18b398a463d3de88bb11e6511a3b3bffe5b753.xlsm
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
6ffda0323b69bb875a8360bcdd18b398a463d3de88bb11e6511a3b3bffe5b753.xlsm
Resource
win10v2004-20241007-en
Malware Config
Extracted
http://84.252.122.205/xcx/system.exe
Targets
-
Target
6ffda0323b69bb875a8360bcdd18b398a463d3de88bb11e6511a3b3bffe5b753
-
Size
14KB
-
MD5
70820ac2bb527bb0a10747a06d2c2b0b
-
SHA1
7289b7ddcdcaa9450c27e1579f36d67a544cee80
-
SHA256
6ffda0323b69bb875a8360bcdd18b398a463d3de88bb11e6511a3b3bffe5b753
-
SHA512
64be67485be70ac5aa2539a88c9846282d7178e13a46895d4686ff0ce79378bf9ed4ee7bec00cb88abc0e2e8bb41a9b9ef38aa4ff25b4e4dc6334a96ad1ee4b5
-
SSDEEP
384:A0z+vPw85+pkQ1z7fMc+8Pty4jZwENYBp7zMLmh:p+3ZgkKzDMCXjZwENmdKk
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Deletes itself
-