General
-
Target
Debt-Details-1940160084-03052021.xls
-
Size
78KB
-
Sample
210305-tacxl1wp8a
-
MD5
f441bd6beb86ba6d4b36f8fac75a4436
-
SHA1
5059340fc6fb2a5b27d05e42671b6251910aaaeb
-
SHA256
c42a995d2eabe03b68ad326dd75d49aa53188821eea726ff30bb5bcd320ba9c0
-
SHA512
e39318dbf67f37e378ad469dcad57edd034e65e9b97fc21782933d24c451b36e65ef8417b06415f304dcd656e7cc598b0009186d4941ceaea5b64bfc7bfe555b
Malware Config
Extracted
http://kosherbansko.com/vozrhzftc/44260.8257960648.dat
http://beautyhair.by/rkqhopvrb/44260.8257960648.dat
http://trysaileggplants.com/xbbomazcknz/44260.8257960648.dat
http://giftcard16.com/pghxph/44260.8257960648.dat
http://www.ausfencing.org/jqikucbefrth/44260.8257960648.dat
Targets
-
-
Target
Debt-Details-1940160084-03052021.xls
-
Size
78KB
-
MD5
f441bd6beb86ba6d4b36f8fac75a4436
-
SHA1
5059340fc6fb2a5b27d05e42671b6251910aaaeb
-
SHA256
c42a995d2eabe03b68ad326dd75d49aa53188821eea726ff30bb5bcd320ba9c0
-
SHA512
e39318dbf67f37e378ad469dcad57edd034e65e9b97fc21782933d24c451b36e65ef8417b06415f304dcd656e7cc598b0009186d4941ceaea5b64bfc7bfe555b
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-