General
-
Target
Complaint-Copy-676926603-03092021.xls
-
Size
80KB
-
Sample
210309-cqs3xyjcr6
-
MD5
550f926bdeb168cdd567fffebf11e24b
-
SHA1
10ce1954929bd088c98d2c3fa8673bd17470de68
-
SHA256
e0da86c488a274f97aff2edf379f2adb82b6b28681bcd9bd429ba8b29b40f442
-
SHA512
7c791cee7c17fffb7bd494af683f21d74a84106ffe5087ff0b97ce138e7e4aecb46f1e2596c5647cec693234c148d0b955c7f6060edcdfaa05d37dc39914e814
Malware Config
Extracted
http://www.kncomputers.com/zbremh/44264.8637175926.dat
http://pureaqua.pk/foioij/44264.8637175926.dat
http://sklep.omax.pl/bahuvxwm/44264.8637175926.dat
http://nirvanaeyehospital.com/tabnhw/44264.8637175926.dat
http://simplithy.co.uk/hxxnhl/44264.8637175926.dat
Targets
-
-
Target
Complaint-Copy-676926603-03092021.xls
-
Size
80KB
-
MD5
550f926bdeb168cdd567fffebf11e24b
-
SHA1
10ce1954929bd088c98d2c3fa8673bd17470de68
-
SHA256
e0da86c488a274f97aff2edf379f2adb82b6b28681bcd9bd429ba8b29b40f442
-
SHA512
7c791cee7c17fffb7bd494af683f21d74a84106ffe5087ff0b97ce138e7e4aecb46f1e2596c5647cec693234c148d0b955c7f6060edcdfaa05d37dc39914e814
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-