General
-
Target
Debt-Details-1507647719-03052021.zip
-
Size
13KB
-
Sample
210306-nvafwbhn3n
-
MD5
e76884ad56d85d67ee49f2bd70f835f0
-
SHA1
ebecb16242768841de83075cc8f776a4086e4586
-
SHA256
2d31ba4418a570891d020216196db66e3c6c48f0ff0e2203cdce936090013182
-
SHA512
c6aff2e783d6df53ca486030d54bd9d31c32237f33b0ef6f391255099984f756a43714efda66cadd8d7062621ede933dc390ac0dbc2b28a9574fb18dc6c31618
Malware Config
Extracted
http://kosherbansko.com/vozrhzftc/44261.1858778935.dat
http://beautyhair.by/rkqhopvrb/44261.1858778935.dat
http://trysaileggplants.com/xbbomazcknz/44261.1858778935.dat
http://giftcard16.com/pghxph/44261.1858778935.dat
http://www.ausfencing.org/jqikucbefrth/44261.1858778935.dat
Targets
-
-
Target
Debt-Details-1507647719-03052021.xls
-
Size
78KB
-
MD5
ff102bc2c8369141d3e365358bddd97a
-
SHA1
ffd81f998d1a315b2a7c27d9d57559ee255d4a91
-
SHA256
c38f5a3e405ec109061f694e08cc9d3d81af372fe55c96581e184a758782dad4
-
SHA512
b50926632b20e221c5622b14971fe5a79dac703431a65040ce7a2301ce4875de68a751fb0780f00fe6c32e84471aa32fc345ecc963b08bc5b6944ca5bd81e3f7
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-