General
-
Target
maybeice.xlsb.zip
-
Size
72KB
-
Sample
210115-gv1t4a3bks
-
MD5
32007e1be53145847bb0fa2487cf743e
-
SHA1
2bade5f8c666e7d12cafc68d4d321ee95ad58c5b
-
SHA256
a569153acf449f064025b549d36e15c7b2c7fe2f4531c56fd314a58505dee9cd
-
SHA512
f953454f14a2fe9797610575e86a53784f61bfb0fe1b58b7a075cd7033f105d86af7fd3878f2f5227476586e64039cf00f648f848c5e15ade38ff45e96aee73f
Score
10/10
Malware Config
Extracted
Language
xlm4.0
Source
Targets
-
-
Target
maybeice.xlsb
-
Size
80KB
-
MD5
79f07a91462a30ffd08e5d5df0b818f4
-
SHA1
c257b63ed7184c9da9c59318f927a9c948d88261
-
SHA256
547477332bd0dde997b697e6f74110ff4af5b41ad0d71dee3d3f51d4c3db3bc5
-
SHA512
f87242140303ff78e38c642af7416deb078781af3864f7e52b5867f8a792437d48478d169ec291947290515d9d5ba92b8dd92821dcbbaa049e0b66f87ff322a2
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-