General
-
Target
d85b3c0bee9a537ec923c070fde22f9e275130ab2c3e031397796cc856a44588
-
Size
25KB
-
Sample
210114-lkx7m5c25x
-
MD5
c22078f129f1d702314102bc47fa5a77
-
SHA1
b9fb91344d5276c9ca779867fecea5ac80c89f21
-
SHA256
d85b3c0bee9a537ec923c070fde22f9e275130ab2c3e031397796cc856a44588
-
SHA512
aad36bb3ce63f59fae9b4d66ec5a6921edba8903c684746021a44c04817635513cedf48fb34bd69c14637874313de66a7e5d623dd36011bffae1728e7398cd9e
Behavioral task
behavioral1
Sample
d85b3c0bee9a537ec923c070fde22f9e275130ab2c3e031397796cc856a44588.xlsm
Resource
win7v20201028
Behavioral task
behavioral2
Sample
d85b3c0bee9a537ec923c070fde22f9e275130ab2c3e031397796cc856a44588.xlsm
Resource
win10v20201028
Malware Config
Extracted
http://nicknewsteadconstructions.com.au/zhsvrgfcs/55555555555.jpg
Targets
-
-
Target
d85b3c0bee9a537ec923c070fde22f9e275130ab2c3e031397796cc856a44588
-
Size
25KB
-
MD5
c22078f129f1d702314102bc47fa5a77
-
SHA1
b9fb91344d5276c9ca779867fecea5ac80c89f21
-
SHA256
d85b3c0bee9a537ec923c070fde22f9e275130ab2c3e031397796cc856a44588
-
SHA512
aad36bb3ce63f59fae9b4d66ec5a6921edba8903c684746021a44c04817635513cedf48fb34bd69c14637874313de66a7e5d623dd36011bffae1728e7398cd9e
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-