General
Target: SecuriteInfo.com.Heur.2891.797
Size: 90KB
Sample: 210224-wphpjnwc1s
MD5: b6b86337d6e1d9cb108c5280b625c268
SHA1: 667f73369e3101f8dbb94a32c4cd5c4af41098e6
SHA256: 8646dbe5e97c1e1e11d497a899423d8615c3af59e950423e64c56491effb9cb9
SHA512: 6589e8bd1e1704c5ef2b37a68362be962dcc7aa94156c6499d7cbd4b8a00dca10085dca83986dba8daa1697787d08aee52eb7f49276c5931bf4e023de9b4e526
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Heur.2891.797.xls
Resource: win7v20201028
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Heur.2891.797.xls
Resource: win10v20201028
Malware Config
Extracted
http://45.11.183.181/22.gif
Targets
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.