General
Target: SecuriteInfo.com.Heur.19855.27653
Size: 188KB
Sample: 210304-lp8dqt1wax
MD5: 49c3ee8fcf4d2f83e866019b95b0a557
SHA1: 776b5f34cd7f5900b3c9fc98e7b65e1115bfad9f
SHA256: dbd58df04d603694d9997d6c0037781491109fe61473b61e3593ffe0ba40f680
SHA512: e8f57daa29deb1709850e06693db9025f66a37ee92f7e56054a7fd4e4b280c4ed4d8b70f0d49e854ddda6a9ba916e6dd83e6ec66bd7344e323e00388a62663d3
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Heur.19855.27653.xls
Resource: win7v20201028
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Heur.19855.27653.xls
Resource: win10v20201028
Malware Config
Extracted
http://davidachim.com/wpold/document.php
Targets
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.