General
-
Target
Complaint-Copy-557393476-03092021.zip
-
Size
13KB
-
Sample
210309-3j7fybmw8e
-
MD5
72c903e0e52ad592b567063a27d45066
-
SHA1
6a673bc775d2af8d51fee027336a164c2bc40920
-
SHA256
2d6c56345a266ea82cbda5d916ecc0143c787638cd14dcacc9d7bdf8a33d2aa3
-
SHA512
e96d768e84045d8033171c801fc6b860d28fb4fdc4268115a07f5e35ded4c70bf0e8731b8f71d758260337898c9305ab224db170a6e377d51e5c0975b02303b9
Behavioral task
behavioral1
Sample
Complaint-Copy-557393476-03092021.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Complaint-Copy-557393476-03092021.xls
Resource
win10v20201028
Malware Config
Extracted
http://ryctech.net/yhqlhnhtzrwb/44264.823221412.dat
http://www.soundslingersstudio.com/znrptdbfqahd/44264.823221412.dat
http://fairyflydesigns.com/bcjczunj/44264.823221412.dat
http://jk.themoscowcity.com/ivwoahwzlndw/44264.823221412.dat
http://blueblazestudios.com/bkgrenjhbztb/44264.823221412.dat
Targets
-
-
Target
Complaint-Copy-557393476-03092021.xls
-
Size
81KB
-
MD5
96a11092f43aa93dbe709f5f63853fcc
-
SHA1
439ddb32e789d3fb8ca03b8ee3494549c13a51ca
-
SHA256
614ab1a690fcc4e2ff433685be32cd5ef95c12b271afe208a54a661782e519d8
-
SHA512
f24127143c507aaf8c166fba18e3e1c8072a280276737e38a11350a7341ded5d1e33e94a505e4c495e81c31833631d1582e08da87487ea971c0d1610a245ee67
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-