General
Target: Complaint-Copy-229880411-03092021.zip
Size: 13KB
Sample: 210309-apyfb4t6tx
MD5: 8fe76aa68c93cd427bd5bf0e320798bf
SHA1: bbfebc91b8b1821af34d8e416b174d07c7ed1710
SHA256: 78452ce2b8b3434738d7d77450dee01400bc6509a5acd28a616b363dccf64c6b
SHA512: 301c4d3be151bb135a91cda7b38d9125f6cc3453bc801ce7477195f7be91589742f3ce5d140417a513ce270c338592a5753723b952dd7e10af8cd2eea4bb8b50

Behavioral task: behavioral1
Sample: Complaint-Copy-229880411-03092021.xls
Resource: win7v20201028

Behavioral task: behavioral2
Sample: Complaint-Copy-229880411-03092021.xls
Resource: win10v20201028

Malware Config
Extracted

Targets
Target: Complaint-Copy-229880411-03092021.xls
Size: 80KB
MD5: 3380b28f67bf1f41c7b42da78f94fe2b
SHA1: 5cbf716bfb4201fbc905f643f07d181123a7d123
SHA256: 56dd80b27c4010a429a663feccdc0e1896e5ca51ddb45604478d02e00cdc5c70
SHA512: c424d751c676c5b7ef1cc702a2a16b7638482718555c0377edf522718a6acd0c60e30797d00a896c2dd76bf62446e4b37dbeaae87e20ad332a14d2e4b9f0c5c7
Score: 10/10

Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.