General
-
Target
documents (51).zip
-
Size
15KB
-
Sample
210220-ndsz9kyl7n
-
MD5
3a71d3433d39edc3a5489f50fd9e6e44
-
SHA1
06e88807902f6746621cab05d0e757253300fc90
-
SHA256
bf63b4c1daf0659b61d9c90cd76e05e8b0c488d6d619178388ab867ca53b0edd
-
SHA512
6aa6145469abcaa3f9cad0e9c10608f737e9c0190eff6c85e0bf5ad26e287d58e07cfec59f7ee04435cfa0a04ee16c4a8ae5becb7ba937ea5d024141877b433b
Behavioral task
behavioral1
Sample
document-871813132.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-871813132.xls
Resource
win10v20201028
Malware Config
Extracted
https://semanadaquebradeparadigmas.com.br/ds/1902.gif
Targets
-
-
Target
document-871813132.xls
-
Size
89KB
-
MD5
b513cec51f27439d29fac0f50dddfc2e
-
SHA1
f13417ee00c33d16b6cc23772710dafcddcbe7df
-
SHA256
56c3b93db9d347f6ce801f8100d58561d60fa111ae394278471eb0713c799ef8
-
SHA512
b258dcbfd69d264639d4bc8e06ce77d75f9f2ac256114ff49dc58225135779a9b0fc418d4bd5dc00ac1f6df57003dc46afd2093b5d1e3757bd42622981bbd10d
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-