General
Target: invoice68684881.xls
Size: 228KB
Sample: 210119-m43jl86ghx
MD5: 1a7cd8bd3fcf0b4a7f351a148dc7e40a
SHA1: e336117d94537924cf4ecef038231b29bafdf261
SHA256: 279bf00b0c81ab8baeb09989215ad376377c40a3abd4358d041ec06746c986fe
SHA512: 7fe9785c22a2be59dba2e7e8974a4c7196522c17e6a3ed6591af2354ee2a601defc6ff023575043063d9dcde1e37211c49aad3cfab71840d312b191ab89d7c63
Behavioral task: behavioral1
Sample: invoice68684881.xls
Resource: win7v20201028
Behavioral task: behavioral2
Sample: invoice68684881.xls
Resource: win10v20201028
Malware Config
Extracted
https://cutt.ly/fjYtydH
Targets
Target: invoice68684881.xls
Score: 10/10

Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Blocklisted process makes network request