General
-
Target
documents (79).xls
-
Size
317KB
-
Sample
210224-cvv9cspzks
-
MD5
83f047c8d6fd8f7bb4aa264ab9b7eb77
-
SHA1
a92e398af146f092ee39c32a4be6c7875ca51a42
-
SHA256
18a2d9d6fdd4d1551115ed1c6b224678798fd807ea4eae3d2c9f400c3132d543
-
SHA512
f351a7d9ab66944ac36f65f8a1fcaddceedf9fe02a33d372af88b443a7bbd3ef9f64ab943046ab54b6cf49df83623aa25a75b1deab5cf5639cf00e9037e4a867
Behavioral task
behavioral1
Sample
documents (79).xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
documents (79).xls
Resource
win10v20201028
Malware Config
Extracted
https://pricer.civilta.in/ds/1602.gif
Targets
-
-
Target
documents (79).xls
-
Size
317KB
-
MD5
83f047c8d6fd8f7bb4aa264ab9b7eb77
-
SHA1
a92e398af146f092ee39c32a4be6c7875ca51a42
-
SHA256
18a2d9d6fdd4d1551115ed1c6b224678798fd807ea4eae3d2c9f400c3132d543
-
SHA512
f351a7d9ab66944ac36f65f8a1fcaddceedf9fe02a33d372af88b443a7bbd3ef9f64ab943046ab54b6cf49df83623aa25a75b1deab5cf5639cf00e9037e4a867
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-