General
-
Target
Attachment_97504.xlsb
-
Size
197KB
-
Sample
210302-dr24b97v6s
-
MD5
5c5ef91f7bdb367537ceadab633f0723
-
SHA1
ca774e6f3cfb98d736ce1c385d1f73b0a293b2a0
-
SHA256
bcaa5fe5865a1a230a51fe5b0214499dafb1b937378268c9bbfd5fd5e84fdb15
-
SHA512
bc7d55eb89b7da06beb53c148337e10cbea9d4d67474d79b355be5cf80d3183558e21a6a7fb2e50c9a6c0d2348114e886cb1f095c6f64262ca857f362b344b8b
Behavioral task
behavioral1
Sample
Attachment_97504.xlsb
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Attachment_97504.xlsb
Resource
win10v20201028
Malware Config
Extracted
http://195.123.219.21/campo/t3/t3
Targets
Target
Attachment_97504.xlsb
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-