General
-
Target
29f4fa56df55b1b53b2a8a6b27d2816436a75153eaf0533cf7d788d7026d8366.xlsm
-
Size
86KB
-
Sample
210304-475dzzyvns
-
MD5
a758f5bfaeb275b5dfaf5be55a8b087b
-
SHA1
eff178dfef00ee753f4a540107632e43ec4a4ef9
-
SHA256
29f4fa56df55b1b53b2a8a6b27d2816436a75153eaf0533cf7d788d7026d8366
-
SHA512
7e96b281aa9433bb05073ff0ee9cb9d94384ef6cf9b801d11d5d420d647c79310f18485fab340afa8d0eb9bcdc64ec7cf885ee5636fc7edcfbbfe54ff208f364
Behavioral task
behavioral1
Sample
29f4fa56df55b1b53b2a8a6b27d2816436a75153eaf0533cf7d788d7026d8366.xlsm
Resource
win7v20201028
Behavioral task
behavioral2
Sample
29f4fa56df55b1b53b2a8a6b27d2816436a75153eaf0533cf7d788d7026d8366.xlsm
Resource
win10v20201028
Malware Config
Extracted
https://aonagenarian.eu/3/skp.dll
Targets
-
-
Target
29f4fa56df55b1b53b2a8a6b27d2816436a75153eaf0533cf7d788d7026d8366.xlsm
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-