General
-
Target
form_05241580.xls
-
Size
274KB
-
Sample
200716-zc2amkkpaj
-
MD5
7a6d0e715445d634d46c1276fc436ccf
-
SHA1
c0cdce5e9b8566a53d32c8b3c2fc759263627972
-
SHA256
e0f9d5d4e662c52d511d844f59fc9e13f998346948183969c13968651a273482
-
SHA512
cfe4bb24a98574d446d9759a0b1cca634d641ef6a34140bb1fc171e66555ee22796116696af9080ed74fc34c0d0aecaca1e41336455e059b06ed059a0d803312
Malware Config
Targets
-
-
Target
form_05241580.xls
-
Size
274KB
-
MD5
7a6d0e715445d634d46c1276fc436ccf
-
SHA1
c0cdce5e9b8566a53d32c8b3c2fc759263627972
-
SHA256
e0f9d5d4e662c52d511d844f59fc9e13f998346948183969c13968651a273482
-
SHA512
cfe4bb24a98574d446d9759a0b1cca634d641ef6a34140bb1fc171e66555ee22796116696af9080ed74fc34c0d0aecaca1e41336455e059b06ed059a0d803312
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Enumerates connected drives
-
Process spawned suspicious child process
This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
-