General
-
Target
document-915839084.xls
-
Size
90KB
-
Sample
210224-ptc4aalzaa
-
MD5
5900268b8d34eca1bb3b6be7fc76dbaf
-
SHA1
5e21e4c39b4dc9feaa7b01d250edfcefe0e6c0d3
-
SHA256
039c9c57897b4cbfc8197254b73c4f555573b852398dd91f34b3e7b5a5dc790c
-
SHA512
cf40422eaff4762162e5b01f7d5916a155b35adde4e29f984cdb58714a892963f6465392c2518b2ce61df517610441d4ea047053ab652fde960dee50a84a4b45
Behavioral task
behavioral1
Sample
document-915839084.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-915839084.xls
Resource
win10v20201028
Malware Config
Extracted
http://45.11.183.181/22.gif
Targets
-
-
Target
document-915839084.xls
-
Size
90KB
-
MD5
5900268b8d34eca1bb3b6be7fc76dbaf
-
SHA1
5e21e4c39b4dc9feaa7b01d250edfcefe0e6c0d3
-
SHA256
039c9c57897b4cbfc8197254b73c4f555573b852398dd91f34b3e7b5a5dc790c
-
SHA512
cf40422eaff4762162e5b01f7d5916a155b35adde4e29f984cdb58714a892963f6465392c2518b2ce61df517610441d4ea047053ab652fde960dee50a84a4b45
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-