General
-
Target
20.06.2019_013.93.xls.zip
-
Size
117KB
-
Sample
201121-8cxtkw3c6n
-
MD5
2dbfcd2e71568dcb3f6fdd792694949d
-
SHA1
1895a1bcfe98e96d6d88b45921a959e1710b62bf
-
SHA256
be9bc2040de82b38b1d8dd6db7fc7e226f696fdc0246a2a7e5f26bc6d0811e0c
-
SHA512
d002b1f013cc0a263a7d595e439f3ab0e39961c1ab64806f9f10c09491b1769572f8b4767cbe204e6c34c127538364325daef33bc512de21f977bfbe6304eb53
Static task
static1
Behavioral task
behavioral1
Sample
20.06.2019_013.93.xls
Resource
win10v20201028
Behavioral task
behavioral2
Sample
20.06.2019_013.93.xls
Resource
win10v20201028
Malware Config
Targets
-
-
Target
20.06.2019_013.93.xls
-
Size
168KB
-
MD5
50ff2a788c7ecc088e703cda874394cb
-
SHA1
2755cb7a957bae5c543147ab3f403a2918e66e56
-
SHA256
0e91e6e17f8c8e2f1ae29e13f116c8611cb7679607695eed355025295fb1999a
-
SHA512
249321f005f5b0c0f3172009ec99c441c1830b11d923f557cea4e34587e7f76468d536e7fc2b302c52e07332fc9c959223e7eaa91f9be87cbb1434bf32ff74fd
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blacklisted process makes network request
-
Use of msiexec (install) with remote resource
-