General
-
Target
Doc_6.xls
-
Size
62KB
-
Sample
210308-f5qy1tnern
-
MD5
0f70433b292a3d3d362f618530cd86d9
-
SHA1
fe2e12e002d872ee803e0b62e3f79f1630e3719d
-
SHA256
cb86215bc9adb03dc88f3cf05473d34a68b326b50f676a83b7cf80c68a150bc3
-
SHA512
fe9ff1c19e9780fc02c62e4849002b00403ec9706315edbaf2dec2e1631ff63c8494d47ca6a55bc37a2cd4a15494ab250dcb7bfd22605cd99c04d02f328c227d
Behavioral task
behavioral1
Sample
Doc_6.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Doc_6.xls
Resource
win10v20201028
Malware Config
Extracted
https://jinnahofficersschool.com/logs.php
Targets
-
-
Target
Doc_6.xls
-
Size
62KB
-
MD5
0f70433b292a3d3d362f618530cd86d9
-
SHA1
fe2e12e002d872ee803e0b62e3f79f1630e3719d
-
SHA256
cb86215bc9adb03dc88f3cf05473d34a68b326b50f676a83b7cf80c68a150bc3
-
SHA512
fe9ff1c19e9780fc02c62e4849002b00403ec9706315edbaf2dec2e1631ff63c8494d47ca6a55bc37a2cd4a15494ab250dcb7bfd22605cd99c04d02f328c227d
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Deletes itself
-