General
Target: document-1658382848.xls
Size: 86KB
Sample: 210302-gvpfr5awx2
MD5: 5e859daee19655d7dd942b0c414bc753
SHA1: f43c7c5aa633ba161eaebd09316a4949bca8e061
SHA256: 09eafcde17b69cdb1de3d8230b9367c91627d50145c307ddc98564bf5f4cb5e8
SHA512: f57b52319adc747c8158dcb6da990c2bde980383e5f05d9423382e1a543d5fde04d1083f2f1fe9f0e283ab2d5448d4c862ef4a993db0725fd637c938cbffdbc3
Behavioral task: behavioral1
Sample: document-1658382848.xls
Resource: win7v20201028
Behavioral task: behavioral2
Sample: document-1658382848.xls
Resource: win10v20201028
Malware Config
Extracted
http://rea26ypgvle02hcbunp.com/fera/frid.gif
Targets
Target: document-1658382848.xls
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.