General
-
Target
_file_attached (35).zip
-
Size
15KB
-
Sample
210224-jx45sshc82
-
MD5
a5271ceb1f9ab5cea53e7dc1b5b194a7
-
SHA1
ae00a11a491dd5e584e73325face4bf81186d380
-
SHA256
04e8dc18a0e8bf98a38384cf6d37e6e8bb9f4aabf3af0e4f3174d278fc50e537
-
SHA512
b4114c9f9f9d09521986a002da5a5943ff89995908047ee2ca31946521be7604c538a807ab400bb5fcdd8b3d99484b488a2d30c10aa6ae0e5beb5e786c9c085a
Behavioral task
behavioral1
Sample
document-1251291620.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-1251291620.xls
Resource
win10v20201028
Malware Config
Extracted
http://185.212.47.84/22.gif
Targets
-
-
Target
document-1251291620.xls
-
Size
90KB
-
MD5
66c18bb0b9dde900222b78910d60610e
-
SHA1
57103a5bb0ac103d3a190992c70a8d80ab69570d
-
SHA256
543fea0b4bac507005bcbc272fe86ae535411c709db2ce8c4b71cceb7c8ea717
-
SHA512
fea9b2f83e887dcdf9695ac83ca0070c8b5ee0507a1d3080007ba7b9e7ecd79d5e597547930f490c9d652ec6b567e80a9345f5cfe703706f3a6a4ef3ab1ea55a
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-