General
-
Target
1E66C639F157FA066C2E4070A46CB0AF32548F4FBA63684120513433059CD26D.zip
-
Size
37KB
-
Sample
210114-6ls1dsdmtn
-
MD5
a63a11317d422896ef6129a030fd14f5
-
SHA1
c8c465c22ab31dd6b68f90720aa798b73125a4f3
-
SHA256
e3800768bbe39dd0cee94fc9b9c3302d025b66699b6c7d3ed322fb5a16eb8aad
-
SHA512
ac9065ac16e433a2df5711ed8cc282aa8b659c857772af2d00b7ea16f9138ca9945112494bf14819126b31dd809780ba63e07a7efd6caa410c2e76a05fb72392
Behavioral task
behavioral1
Sample
1E66C639F157FA066C2E4070A46CB0AF32548F4FBA63684120513433059CD26D.xlsm
Resource
win7v20201028
Malware Config
Extracted
https://mindmap.monster/fzqdqni9.zip
Targets
-
-
Target
1E66C639F157FA066C2E4070A46CB0AF32548F4FBA63684120513433059CD26D.xlsm
-
Size
41KB
-
MD5
032734a3c93c44855955d4769b7ded98
-
SHA1
f38cd18659e0fb5d862bac1d9f24691dda4a292c
-
SHA256
1e66c639f157fa066c2e4070a46cb0af32548f4fba63684120513433059cd26d
-
SHA512
cd662cd2810fef6a50e9ad4fc9c43e2e56d6c6329a432a19709ea410e3cd8d6f5308a04a8f3f82604dea3e0c8aaa7b3d9959ad8815b097acf11207b32ba41ba9
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Process spawned suspicious child process
This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
-