General
-
Target
Attachment_98708.xlsb
-
Size
197KB
-
Sample
210302-c4trj9swea
-
MD5
dd5169f2cfc9499eb9eef5ddf6862fb9
-
SHA1
e3730d93ee0d88808dbe566c84bca090a3fe7dcc
-
SHA256
56de3c08f5bebe5e57a644e893eb944479991c2bf3c9e814572b53313e16c28d
-
SHA512
577d9a6c7eab62aa87e779ebba4e8451fcac7fd8c8b9d8cdc04ba1bd42b889fa1652fc30c72481cfde7c63722e0943202a576e6e37b165d6289413fb3c8c0434
Malware Config
Extracted
http://195.123.219.21/campo/t3/t3
Targets
-
-
Target
Attachment_98708.xlsb
-
Size
197KB
-
MD5
dd5169f2cfc9499eb9eef5ddf6862fb9
-
SHA1
e3730d93ee0d88808dbe566c84bca090a3fe7dcc
-
SHA256
56de3c08f5bebe5e57a644e893eb944479991c2bf3c9e814572b53313e16c28d
-
SHA512
577d9a6c7eab62aa87e779ebba4e8451fcac7fd8c8b9d8cdc04ba1bd42b889fa1652fc30c72481cfde7c63722e0943202a576e6e37b165d6289413fb3c8c0434
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-