General
Target: 9e41bad2948eadda33dfc16e75a5e50e3e0d0babfa0767ec62357c94962ac7cb
Size: 207KB
Sample: 191220-xlsv9tw8mx
MD5: ba1b44b3c93997dd8a26e8ceda143a91
SHA1: 6784b653562ff607432934c1d6f8771f2ec4ce2f
SHA256: 9e41bad2948eadda33dfc16e75a5e50e3e0d0babfa0767ec62357c94962ac7cb
SHA512: 9c1c3149de8f5178b3b4d376f002d2127418c9639d0d23302a968473afb6561cbbd496be8dd269b14f21bd7bc4299cbc7b1eb8c0c3689c49ec17f22fe84aee12
Task: task1
Sample: 9e41bad2948eadda33dfc16e75a5e50e3e0d0babfa0767ec62357c94962ac7cb.doc
Resource: win10v191014
Malware Config
Extracted
https://citationvie.com/wp-includes/F4E7VRR/
https://tapucreative.com/wp-admin/ds54af/
http://driventodaypodcast.com/megaphone/wrm/
http://datrangsuc.com/wp-admin/Szzu2WcG/
http://nguyenquocltd.com/wp-content/p7dl/
Targets
Target: 9e41bad2948eadda33dfc16e75a5e50e3e0d0babfa0767ec62357c94962ac7cb
Score: 10/10
Process spawned unexpected child process
Executes dropped EXE