General
Target
order_receipt.xls
Size
276KB
Sample
210114-3dy8g112zj
MD5
66ca579b793dc4367aba256fa62f9bf2
SHA1
deb4047fdd1b203d4202cc716df2d01a35730229
SHA256
1c01354cd22e2e101476aeeb6fea291060ff0b536e5761766ba2d7a60facdea6
SHA512
14ac4a17869bb546b58ace488c9d5d14df7fc3ddeb40b9dd26529bcff132cf6c6fdcd7a601080058f9b51f83528123823f0a413adf7904377480b6cdee5095a6
Behavioral task
behavioral1
Sample
order_receipt.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
order_receipt.xls
Resource
win10v20201028
Malware Config
Extracted
https://cutt.ly/8jmDPVb
Targets
Score 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request