General
-
Target
AWB_77056202006065.xlsm.zip
-
Size
73KB
-
Sample
200707-hwvrtrkzex
-
MD5
eb5db77b844e8934196c84121bdbb2fa
-
SHA1
823ebee3821d9742dda281379b951d6bd1675c30
-
SHA256
d9a66ba025d4df0449454d6cb051a136b125a885ef53304372669b2e764f6f4b
-
SHA512
2d5e32327026d7108ab07a9296037940847e3977c82f3a5b4a5738ee7d69aa9987ef025ed9ef4422b82b1057ad59121fa7876b04d489e7ce35b4826413d3b7a4
Static task
static1
Behavioral task
behavioral1
Sample
AWB_77056202006065.xlsm
Resource
win7
Behavioral task
behavioral2
Sample
AWB_77056202006065.xlsm
Resource
win10v200430
Malware Config
Targets
-
-
Target
AWB_77056202006065.xlsm
-
Size
76KB
-
MD5
bda0c09e7b5bc942276961a4a2aee6f8
-
SHA1
d95fa65c6fff05ca8ddd77ae0744dcdaf28eded5
-
SHA256
acf7252ecfbf6eddbc5464ea769f3455bf17a9b0a2dc61abf1a7e8b0ffa7b5ee
-
SHA512
9a835d376be4bbe7d0fc817cb40567107b55f554fa647e10c627e681642e65604f87c0d8ee336092fe677f04fd5dc50d8c66c4c8682af570772ec6ddd8698847
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blacklisted process makes network request
-
Drops file in System32 directory
-