General
Target: invoice.zip
Size: 16KB
Sample: 250520-rbae4sdp6x
MD5: 0fa0f1b660962d4a4d1cd6782a03db05
SHA1: a9a49f19c8e2be6ad92ed93786f7af8beb6772e2
SHA256: 01c5ea93f845b8f993007e6371a3d7ef511831a165e558485b42afabd71377cd
SHA512: a4638de7828c2dc5a9d8274d206923f163e6d07a183d263b0aba685565ef92be5a7949a0f1b821c7549f91af044b7e578d0f3b12f753186eb219229523c92a29
SSDEEP: 384:Z5BnbC5w6JIG9M5PM27Ii4//Rsqo9nwEDDtEx0pempI:lCx9Mxzn4//UFwEixBmpI
Behavioral task: behavioral1
Sample: invoice.doc
Resource: win10v2004-20250502-en
Malware Config
Extracted: https://45.77.65.211:443
Targets
Target: invoice.doc
Size: 233KB
MD5: 3709eef2d72de0de72649ebdaf3e4082
SHA1: 2e7300cfb6f747b9795b59d74366c46efa0e4166
SHA256: d8834aaa5ad6d8ee5ae71e042aca5cab960e73a6827e45339620359633608cf1
SHA512: 61fbe2d9384ff0a9e0ec707df7aaedf8be3435278367655dad17ddce2a4650aefe1f36425da261367bee1590f3fd4334de419902b06347d4786bdcb31f648d30
SSDEEP: 384:j6YoOWSjwBzKQ6808m3tdgUwyckkS+wuVcCGi:j6adw8D0yah
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request