General
-
Target
Attachment_97775.xlsb
-
Size
197KB
-
Sample
210302-fbzpydykj6
-
MD5
f3816c84f0ba476a6a110432d3f15b0b
-
SHA1
75b31cd545c4d84116a387430ee4f87d08298cdc
-
SHA256
5678487ef48332defdc02c465cd87285393b4003809ea95a7ae1355bcb6dab53
-
SHA512
32f34a80536137247016592446138d2e3ab4e3d8a3bfc1e27b857b5056bcd702cdae29330e77ec9189a7ee76fba9c43a7406f51f23719727f7c4af47eff29a30
Behavioral task
behavioral1
Sample
Attachment_97775.xlsb
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Attachment_97775.xlsb
Resource
win10v20201028
Malware Config
Extracted
http://195.123.219.21/campo/t3/t3
Targets
Target
Attachment_97775.xlsb
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-