General
-
Target
SecuriteInfo.com.Heur.19357.26176
-
Size
188KB
-
Sample
210304-tqdqyqdyxa
-
MD5
3560d569466fa72737f69e5a6061bd03
-
SHA1
dec5fbbe3fedcc04525ccb5912b9122a77322130
-
SHA256
06cc483ba32ec50517772d206d6b195b9e3b59290ebfe3b554cef3ef5ec8f73d
-
SHA512
84fb5efd7c53364082ab4273a05f283e394efc8cc5fa689e7cc03b7c125c30bdf8bae8f60ee2847ed5c91f085224fc7f41e0ecc95608ab6ee6253617f54f25bb
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Heur.19357.26176.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Heur.19357.26176.xls
Resource
win10v20201028
Malware Config
Extracted
http://davidachim.com/wpold/document.php
Targets
-
-
Target
SecuriteInfo.com.Heur.19357.26176
-
Size
188KB
-
MD5
3560d569466fa72737f69e5a6061bd03
-
SHA1
dec5fbbe3fedcc04525ccb5912b9122a77322130
-
SHA256
06cc483ba32ec50517772d206d6b195b9e3b59290ebfe3b554cef3ef5ec8f73d
-
SHA512
84fb5efd7c53364082ab4273a05f283e394efc8cc5fa689e7cc03b7c125c30bdf8bae8f60ee2847ed5c91f085224fc7f41e0ecc95608ab6ee6253617f54f25bb
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-