General
-
Target
collected (83).zip
-
Size
15KB
-
Sample
210225-jtpjc6ypj6
-
MD5
47ddde3a2a966936b0c450487a8e2b3c
-
SHA1
0403b5bb0255ced7ab75b1e6bffe5e516af90af2
-
SHA256
c7cfa6a32f433a067cdc28b90f3aa4216162ffec5b5f6191b512cc7ac036576c
-
SHA512
7423ccf97cdec253aca8cc72e27409b0b5bb15ba500cb5341a4f02e2b7dea3f55f3f21c2fd6760c9b8eb39b0c0f16846abce31af1499a5b730090fe15f5fb21e
Behavioral task
behavioral1
Sample
document-1113685689.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-1113685689.xls
Resource
win10v20201028
Malware Config
Extracted
http://ghtyrncjf2df.com/fb26.gif
Targets
-
-
Target
document-1113685689.xls
-
Size
88KB
-
MD5
3d1e394bc230e5fdb0d8fe7df89882c3
-
SHA1
b0f13a43258b0f8f82c3ebbcd3f4657b87156005
-
SHA256
7c6704e534bab82cd948988dcbf0daa8074f3bea95574646854a5563d323016a
-
SHA512
73bac3e4e6b2954a980f60db3bd38c059dee5984c0c62c01dc4639f1dfceb01d8dd31d7de76bd96bc3f33a94de2a3c378b751ba644be2637b72d44e8517852d5
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-