General
-
Target
26aff9db2c1eff028cb1bd89235b9ef1b171cec86d6272dc791abb04f75afb42
-
Size
243KB
-
Sample
241121-a1wafawgpg
-
MD5
b4a59bca88d855a885cbc2cbc0e3fd53
-
SHA1
678909ea475580709b65df327e072f599756f544
-
SHA256
26aff9db2c1eff028cb1bd89235b9ef1b171cec86d6272dc791abb04f75afb42
-
SHA512
05f7fe2ab707850c225be7715dd58a355c59bf92cdef1c0a2069c9b6c0445a902851ee58ba95086a53876eedf87583ede26d53b28ae94ff320010387d36f08a8
-
SSDEEP
6144:DKpbdrHYrMue8q7QPX+5xtFEdi8/dg/ThvsiKIjvl5fd1Xh8rsoX/w/0Y:ghEXs5fXR8rsNT
Behavioral task
behavioral1
Sample
26aff9db2c1eff028cb1bd89235b9ef1b171cec86d6272dc791abb04f75afb42.xls
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
26aff9db2c1eff028cb1bd89235b9ef1b171cec86d6272dc791abb04f75afb42.xls
Resource
win10v2004-20241007-en
Malware Config
Extracted
Targets
Target
26aff9db2c1eff028cb1bd89235b9ef1b171cec86d6272dc791abb04f75afb42
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-