General
-
Target
document-708243009.xls
-
Size
90KB
-
Sample
210224-wtjhlmnvqn
-
MD5
4e8c2d545ed3c69f409989f13cdd444b
-
SHA1
ad9e73c1059745c4dcef22c42c8d35050ad53197
-
SHA256
cc36eb6128449194cd702b0473d34f924a506d69702f74dd03b968fa31974bb3
-
SHA512
b1dcabe51dff0c7783a3d9ebf79bd88108a7bbd1aeb56d639386d0d7df3160aca910c6cb03b570259481d710f049d89686c57599fe937c68ae566848f7ec0aba
Behavioral task
behavioral1
Sample
document-708243009.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-708243009.xls
Resource
win10v20201028
Malware Config
Extracted
http://31.214.157.206/22.gif
Targets
-
-
Target
document-708243009.xls
-
Size
90KB
-
MD5
4e8c2d545ed3c69f409989f13cdd444b
-
SHA1
ad9e73c1059745c4dcef22c42c8d35050ad53197
-
SHA256
cc36eb6128449194cd702b0473d34f924a506d69702f74dd03b968fa31974bb3
-
SHA512
b1dcabe51dff0c7783a3d9ebf79bd88108a7bbd1aeb56d639386d0d7df3160aca910c6cb03b570259481d710f049d89686c57599fe937c68ae566848f7ec0aba
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-