General
Target: Debt-Details-1527793772-02252021.zip
Size: 28KB
Sample: 210225-j6qev4eana
MD5: dceef3d61d83959b6f290ab4b5642d60
SHA1: 13313eb52e92b5b0f42cec69f670b9152fd35937
SHA256: 20216257e83112cb3eca30d88f4824f553e0f557126a3cdf1dfb9be45e1707e4
SHA512: 2a45e3305fed88a799a10435c090e9decd7a6aeef1e50a06501240eca8fdf2ed57e6b250aa17942b84ea0e2ae99b8cef210417da389ccbc262b2b2d5ed12a3ac
Behavioral task: behavioral1
Sample: Debt-Details-1527793772-02252021.xls
Resource: win7v20201028
Behavioral task: behavioral2
Sample: Debt-Details-1527793772-02252021.xls
Resource: win10v20201028
Malware Config
Extracted
Targets
Target: Debt-Details-1527793772-02252021.xls
Size: 144KB
MD5: de8ff1c066ee81de11ef836d96bfc75d
SHA1: cfcf197bb22f00fdb232003c6811826da3a4a035
SHA256: d9db49a3ae43c585dc2d9ce9d41a1e284aa69bf74d3959f6406a22f86934a2d8
SHA512: e881a2588eb5e74d09cb1c670c034d3c159e7e3d084401d319fa282bb965bf4a18e9fe4e5666a83d32fde7e3dcd6526846031aa9e6138f6d318b8c76d0119f6c
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.