General
-
Target
Complaint-Copy-586583352-03092021.zip
-
Size
13KB
-
Sample
210309-8fp1dc6w9s
-
MD5
9f63b021d3233b2895e542b7d96306a4
-
SHA1
90c65a0e1649143d099ef91313525f30b7826b52
-
SHA256
76fe96d3bf7ac8c80fb1a41f2dce3dc25e4e92b7b9bd07ea77971d6eacaa3418
-
SHA512
8c5106732bfa650cb12764239ebf107de1ed1dba3e67d63a3a77e39d574bce3ffe2b289ca7b690d0cd81c29d815c6080187f37eba1659d28de8f7cfcd0abd6a5
Behavioral task
behavioral1
Sample
Complaint-Copy-586583352-03092021.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Complaint-Copy-586583352-03092021.xls
Resource
win10v20201028
Malware Config
Extracted
Targets
-
Target
Complaint-Copy-586583352-03092021.xls
-
Size
80KB
-
MD5
c59317100bd570df0a5729f966f1d841
-
SHA1
5d4e7fd3ecafad8c999e82a7cdc95efe3d04447d
-
SHA256
c7a7d8e5ba1e52d7fdcc0ebabc1a0b11b6cf87281bfdcab8f9945588c8c8903c
-
SHA512
fd77b45c1e41a58de7e7c2d5e4b1faa7036c2a065e8f24c26df39ef8ab91c449864036e4f45ac0ad9c31a13e6ce0fb100a3b0ae28bc3633555a774cfca12d19e
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-