General
-
Target
1.xlsb
-
Size
94KB
-
Sample
210224-5b5z775h6a
-
MD5
a5d0ee6b74e84a983923a2b97142603b
-
SHA1
e716f77cdb97d252d07cd11374e069fe7543c229
-
SHA256
a8efebd244212eb17016ff8e21ed48f5249bf8544bea6ba02cde3f221b1e91a3
-
SHA512
caf8534f7a8ebd77eee01fed8e75d6e6506445aa40c3aca2feb41a4dd6d631978cde9c5e6d39086086c0c6f1924629ba21aa309ab4bc669c7f0d2e452666b664
Score
10/10
Malware Config
Extracted
Language
xlm4.0
Source
URLs
xlm40.dropper
http://139.162.167.231/campo/t3/t3
Targets
-
-
Target
1.xlsb
-
Size
94KB
-
MD5
a5d0ee6b74e84a983923a2b97142603b
-
SHA1
e716f77cdb97d252d07cd11374e069fe7543c229
-
SHA256
a8efebd244212eb17016ff8e21ed48f5249bf8544bea6ba02cde3f221b1e91a3
-
SHA512
caf8534f7a8ebd77eee01fed8e75d6e6506445aa40c3aca2feb41a4dd6d631978cde9c5e6d39086086c0c6f1924629ba21aa309ab4bc669c7f0d2e452666b664
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-