General
-
Target
PQ_7498.xls
-
Size
33KB
-
Sample
210119-zb7b1ftkh2
-
MD5
20ce34e6dfd1f17d5e1e8564167c23bd
-
SHA1
984045d9a670b781f4712611c87cc191380ef6f9
-
SHA256
f9adf499bc16bfd096e00bc59c3233f022dec20c20440100d56e58610e4aded3
-
SHA512
ef7fddfbbdb40f6b75d838397cad454a51822cbfec5e2dfbb8401784c518de74e9d707f9c44db2054be208735dba903035f1b75d7384fec5dc4c78275494514b
Behavioral task
behavioral1
Sample
PQ_7498.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
PQ_7498.xls
Resource
win10v20201028
Malware Config
Extracted
http://indiamedicalshow.com/visitors.php
Targets
-
-
Target
PQ_7498.xls
-
Size
33KB
-
MD5
20ce34e6dfd1f17d5e1e8564167c23bd
-
SHA1
984045d9a670b781f4712611c87cc191380ef6f9
-
SHA256
f9adf499bc16bfd096e00bc59c3233f022dec20c20440100d56e58610e4aded3
-
SHA512
ef7fddfbbdb40f6b75d838397cad454a51822cbfec5e2dfbb8401784c518de74e9d707f9c44db2054be208735dba903035f1b75d7384fec5dc4c78275494514b
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
JavaScript code in executable
-