General
-
Target
document (60).zip
-
Size
60KB
-
Sample
210225-yd183s1726
-
MD5
d384b9a6272aa640576e4f445a6b4589
-
SHA1
3dedb3057af05132c818ee03b6a40da5610a21e7
-
SHA256
5874238f75457428f416333cd9d9a38b9d3597819b2bec60a32a2a2a48f5fa66
-
SHA512
e273beb1f9452febc976d5f3291455183eaae098517138b4e88b94d5d7d287cd8f670d94d1e913339c3e3990eae6c2e11a7cbc84108de798291ca323a28ce489
Behavioral task
behavioral1
Sample
Document24852.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Document24852.xls
Resource
win10v20201028
Malware Config
Extracted
https://neokenya.co.ke/ds/2402.gif
Targets
-
-
Target
Document24852.xls
-
Size
342KB
-
MD5
a3bdf0de7ffa05fddf6c3e2e4ac70be5
-
SHA1
88ed9dce0a0de22c64699dbf2d3f8800dc4e6a4d
-
SHA256
8aec15f6b8a7cb7fd28c7a6ac60c1925a168e6bdf541de40fa2e4d8473802051
-
SHA512
fd988171e24475461dc0a027a1c24eae2da54f60d83dbcd31ad68643a5e43ad4d3a1bec2f6884ecd6a787e8a077f037248aa4ef29cf6db71d6c4ff10ae7b4883
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-