General
-
Target
prepared (14).zip
-
Size
14KB
-
Sample
210304-9z5reqa6f6
-
MD5
959560829c5f13508c90df16b70f3ce0
-
SHA1
c1645ae04865a4803f049beda131e3a2c7b70001
-
SHA256
4d7a8454b0c02290f56b0b4f6ca7179c97c0e8968ca11703df7791f23b7efb78
-
SHA512
24ae30063fd425e1d12dc058cd5b982a2fe72c55b511e84746f77966264d5a36de841b9bdfb46802954ea5fde6719f7e06ad2b2819f6922788e33e6dd215843a
Behavioral task
behavioral1
Sample
document-2085338455.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-2085338455.xls
Resource
win10v20201028
Malware Config
Extracted
http://inpa02lzjvt03anas.com/index.xls
Targets
-
-
Target
document-2085338455.xls
-
Size
86KB
-
MD5
8b83dc8f696b7f05e96b2eeffaf79958
-
SHA1
7e7898cf19dff89da705339b262e9ee07afb5165
-
SHA256
527294d886bd4fe9eb2d98e9b1fd58e0b5ac2c30c7f57946a137609e7a25a06b
-
SHA512
68c0b05649251b477496a34577f38b96449369d09b8d7c0e16d8f02a8ace55f8fa07120da39f8c0800366006e50717fb2e514a70fc6f270f10c577d30245b25a
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-