General
-
Target
doc (23).zip
-
Size
15KB
-
Sample
210224-z2bqe9fmk2
-
MD5
932dc474494f798a548dfa3bfb252ceb
-
SHA1
059a0755c6524689f818b4bd5f954c9ba8f8d819
-
SHA256
d2ec1ebfaa255b49bd8ad5c1ecf31e9eba808af9ff44f27856819543fb27a5d2
-
SHA512
695726883707654098555699cebae665d2d86a56ad625c7dd5b10c7a5cbf2e0366bf19574f474946c78d51c7fff1b0470893542f004ac508210128b79b20b6de
Behavioral task
behavioral1
Sample
document-138786483.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-138786483.xls
Resource
win10v20201028
Malware Config
Extracted
http://45.11.183.252/22.gif
Targets
-
-
Target
document-138786483.xls
-
Size
90KB
-
MD5
b1c9310142ef6224e26ca26bdcb479db
-
SHA1
c9d1dbe62732bc9c724f4a38dd2feb8d2e080e94
-
SHA256
e6d777b95f57d683235cd90540f284e3a0c69a6f20d69922d4a5ff7e70c07fac
-
SHA512
c625dd815f3e9ab2ee99bd9b06d4e05ee67910627252edbdbc78bc15d72aca49dcaaa6ba18f6bb5f32e0c4997b858b736c4ef8e1bcb6c11b7b5f433bd20fc60f
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-