General
-
Target
SecuriteInfo.com.Heur.18154.14877
-
Size
188KB
-
Sample
210304-qcjqkvpr3a
-
MD5
da5de746eedc1d8b6ce299e62c11d822
-
SHA1
fd2ec0a01305c9ec7a81bbf34bbb802649c0f72a
-
SHA256
d6cc8bb9fb94ae2a9b12e15db534cb5c021c37fc104b46c7db8096e1f1108740
-
SHA512
1eda1d9e2de0e6483e730098bcbf08856bd9c8c41c15749b5d359b2d091ff39dcc68ffa16a96a76bbe0a207e26f88f17c55232dad76c4c88226a85e8afc48fc6
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Heur.18154.14877.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Heur.18154.14877.xls
Resource
win10v20201028
Malware Config
Extracted
http://davidachim.com/wpold/document.php
Targets
-
-
Target
SecuriteInfo.com.Heur.18154.14877
-
Size
188KB
-
MD5
da5de746eedc1d8b6ce299e62c11d822
-
SHA1
fd2ec0a01305c9ec7a81bbf34bbb802649c0f72a
-
SHA256
d6cc8bb9fb94ae2a9b12e15db534cb5c021c37fc104b46c7db8096e1f1108740
-
SHA512
1eda1d9e2de0e6483e730098bcbf08856bd9c8c41c15749b5d359b2d091ff39dcc68ffa16a96a76bbe0a207e26f88f17c55232dad76c4c88226a85e8afc48fc6
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-