General
-
Target
attached (45).zip
-
Size
14KB
-
Sample
210304-mr7e8bb9dn
-
MD5
5a46de1b3ea269a0b07e04c7e1bdbf60
-
SHA1
a8e7dc7ee364e6dd20d9229bc2085157712385d5
-
SHA256
892972a4e0cb87f700fa44efe029d427516e30800a73837636221511d7d99e67
-
SHA512
a4c875f82ebadea7a4ef9b78d764bac2cefe3df88962cf5a78f1822d10350488ceec7d5e6826f103ba433cfbc56b18ade1be6e21cc0b5e3fe9b8870f89ed9000
Behavioral task
behavioral1
Sample
document-1542036422.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-1542036422.xls
Resource
win10v20201028
Malware Config
Extracted
http://uhfa02eknih03swzdku.com/index.xls
Targets
-
-
Target
document-1542036422.xls
-
Size
86KB
-
MD5
74d6a894733a005d0ccbe71285c1786f
-
SHA1
b79f8a79c24763c4a13655e9f59e323b38d78baa
-
SHA256
93d6aea4fceae79b1165d8a9a4897b4c1b340690a22ada8a7a4dedd6a1b1c712
-
SHA512
da2ead0406115542786a006b896d984f3c334d29b26515c68f789587db89457de5eb318107a75917f7ae8f5c14e5da8aafb806f6e4ad21d4bc4a8ded03e39563
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-