General
-
Target
Overdue-Debt-1152978906-03042021.zip
-
Size
13KB
-
Sample
210304-zlgen1gctn
-
MD5
c4cc639ce01f1228697d97028c03da47
-
SHA1
823c88494ad2684800f6bfa1e9135419d8167def
-
SHA256
54c0dc22322796074802d7607c3bfa52f802aecf8c3ad61d632c2c050f4cbcc9
-
SHA512
2eae3f295db93ca137cf409554d846b871921a87ab27fedd62d459842a91d8ee454c3ae0a950954d34ceb91aef67326059a6a9bcd406efccebe38d4efe2b39b8
Malware Config
Extracted
http://stumbletrouser.com/hpbifbnnuauj/44259.7793224537.jpg
http://bewitchedcracks.com/zmihkvffum/44259.7793224537.jpg
http://hoverknot.com/ebifn/44259.7793224537.jpg
http://embracepart.com/arphdhodl/44259.7793224537.jpg
http://fathesrlyunny.com/zrvmj/44259.7793224537.jpg
Targets
-
-
Target
Overdue-Debt-1152978906-03042021.xls
-
Size
76KB
-
MD5
74ce952fc86ff58ebf10821926bb7ec5
-
SHA1
61451bf8547c8ade0b32b63b2bfdea228de29873
-
SHA256
8a80afbf0c5a61bca399013f7342d15c2f967b71e9ca41b494ad84d92450bf01
-
SHA512
a600419fb2a08e117f240171c400e20c4c6f510fb3c6736b0cb2de50d4cf5126574517542a3ebaddde30a99fc8958e18c391e1e502142ddb104118ae0282d219
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-