General
-
Target
Document_72441.xlsb
-
Size
104KB
-
Sample
210223-qjdgnnyqze
-
MD5
dd6c4275c1b7b761b6f96a7e1e2f3607
-
SHA1
7561dbf6f8dffc6a4cae79479b7ec13d583bed09
-
SHA256
90eaa2cad98fbc84a9d90ac928056cda73328ba6f55574b9cd3e9cb7a8ae9df2
-
SHA512
599b4e4a4bf50680b9d45a1f53292dfb6ff2fdd7b35ab8472dd4fd9c6ad99acbdae1c2e160bb16e537f9476e64453e3cbccbf3a0c23aa13c04f4768ab6a22d1e
Malware Config
Extracted
http://172.105.70.225/campo/t2/t2
Targets
-
-
Target
Document_72441.xlsb
-
Size
104KB
-
MD5
dd6c4275c1b7b761b6f96a7e1e2f3607
-
SHA1
7561dbf6f8dffc6a4cae79479b7ec13d583bed09
-
SHA256
90eaa2cad98fbc84a9d90ac928056cda73328ba6f55574b9cd3e9cb7a8ae9df2
-
SHA512
599b4e4a4bf50680b9d45a1f53292dfb6ff2fdd7b35ab8472dd4fd9c6ad99acbdae1c2e160bb16e537f9476e64453e3cbccbf3a0c23aa13c04f4768ab6a22d1e
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-