General
-
Target
Debt-Details-1079974432-02252021.zip
-
Size
28KB
-
Sample
210225-a1qm3vax7j
-
MD5
f8f92d25d399ed2b40bed762409a9f26
-
SHA1
c92c3386090dbcc3fb0ca723cbe217d32f1867e5
-
SHA256
3016ad8d9418bc30421c779be309c68eaa064a13d40727627cbe9c57f995f42c
-
SHA512
0e07d4fb20dea7f0b006ef505876130f19376dd5ec39d51fb93d6c1de16b34040fb6a2a2cbb42fafea8f8692b8954cfbbd32198d024e4227e5dfaa4d39b8eec4
Malware Config
Extracted
http://oxcoz.com/nydprgwf/44252818086689800000.dat
http://sharonbrockway.com/favohwn/44252818086689800000.dat
http://outgrowmeinie.com/wcuiugnrebpk/44252818086689800000.dat
http://sarayutseena-001-site1.gtempurl.com/kecljmkhyl/44252818086689800000.dat
http://gtrans.group/prduod/44252818086689800000.dat
Targets
-
-
Target
Debt-Details-1079974432-02252021.xls
-
Size
144KB
-
MD5
f5bf351cca549099a92b38ff7f3a7962
-
SHA1
bdf84c623a49543814102c748aa348f49d971a83
-
SHA256
9a72cb0036d2f16a513aa2b62e5218ff386f3bec4a19b4ed219555d4c929ad31
-
SHA512
8c648dd5d7805dbbf04e22b3459fd40b5ff1de33eecb87ca14f9ba334c519d3af996a95a5df3ccf374a0bcfa275501b2ba7ad7d66638eb77d3ce7e6461c6e01e
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-