General
-
Target
_file_attached (80).zip
-
Size
14KB
-
Sample
210303-kppp84dh6x
-
MD5
834f8e40b949d80134cad5f4f251a043
-
SHA1
085281c70a773f3449e46a4d4ca23ce760ae7b17
-
SHA256
9329adb26ba16c6197cf75b2a1454443d614dc4cf6e7d3b910549951438f08c9
-
SHA512
3b64f32f86cb5949a9623d67d3015a03ba8940f7707d473ef4a54cc99ea06332f0e1bd078196d2eeb784bc6ecc0c802f2271c4333f51b76349f03bc77ce34200
Behavioral task
behavioral1
Sample
document-695884905.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-695884905.xls
Resource
win10v20201028
Malware Config
Extracted
http://hqcaz02egeq03bvmhm.com/index.xls
Targets
-
-
Target
document-695884905.xls
-
Size
86KB
-
MD5
90e7ac2eed5035b7295b4ee019257358
-
SHA1
502d65f9861152b55c1a2a2e4361ebb05f06a3df
-
SHA256
88bc6e18fd358baff3a0011428c6a47f33a245ab6c8c4356694943723956dadd
-
SHA512
053ecdac4ba68ad9aa9eb710538c216cb639f36ba977ea1a483afd34e4b3b838903b4b3e78dcca1f45f4a8b202b8a471366ef35bdd87c0f981eb094e888cfb6e
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-