General
-
Target
document-1915351743.xls
-
Size
88KB
-
Sample
210222-wx2vgg6hma
-
MD5
976d437fbf1c1598413411d366092cb6
-
SHA1
ab1c382ec0a25bd9881eee9a3401c9e1b78ee4e5
-
SHA256
21944a6a3c05598d1cdc6893c982e22d81344ff8bc8225811691512976aa6bcc
-
SHA512
f77580c1307c71dcbdfb2ee9d0d5bac506929f66b5c98f0e42f55f066b5da8aeaafb3db74eda4fb0cde1dd2d220dbef5a3ffb354b0a31314216f94f654a88eec
Behavioral task
behavioral1
Sample
document-1915351743.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-1915351743.xls
Resource
win10v20201028
Malware Config
Extracted
https://miraclecollagen.co.za/ds/1802.gif
Targets
-
-
Target
document-1915351743.xls
-
Size
88KB
-
MD5
976d437fbf1c1598413411d366092cb6
-
SHA1
ab1c382ec0a25bd9881eee9a3401c9e1b78ee4e5
-
SHA256
21944a6a3c05598d1cdc6893c982e22d81344ff8bc8225811691512976aa6bcc
-
SHA512
f77580c1307c71dcbdfb2ee9d0d5bac506929f66b5c98f0e42f55f066b5da8aeaafb3db74eda4fb0cde1dd2d220dbef5a3ffb354b0a31314216f94f654a88eec
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-