General
-
Target
Complaint-Copy-645863057-03092021.xls
-
Size
80KB
-
Sample
210309-k43b1n5srs
-
MD5
82952988f87c14f9164447079f092c76
-
SHA1
fcf9a5ab347f01883e467699082947e560819e9a
-
SHA256
53ab347ad2644e27bca72205d9dd9dcdba6852c150c5b4211c654f9230e4548e
-
SHA512
c120e2e95ad557c0f8f0b96039b7535771a1aee6d13cb7c854b62f3cfd6491c2448c426e2694f0e3a2abea6db6f48e978df066e381382a88a55bf9ef27233882
Behavioral task
behavioral1
Sample
Complaint-Copy-645863057-03092021.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Complaint-Copy-645863057-03092021.xls
Resource
win10v20201028
Malware Config
Extracted
http://www.kncomputers.com/zbremh/44264.8623118056.dat
http://pureaqua.pk/foioij/44264.8623118056.dat
http://sklep.omax.pl/bahuvxwm/44264.8623118056.dat
http://nirvanaeyehospital.com/tabnhw/44264.8623118056.dat
http://simplithy.co.uk/hxxnhl/44264.8623118056.dat
Targets
-
-
Target
Complaint-Copy-645863057-03092021.xls
-
Size
80KB
-
MD5
82952988f87c14f9164447079f092c76
-
SHA1
fcf9a5ab347f01883e467699082947e560819e9a
-
SHA256
53ab347ad2644e27bca72205d9dd9dcdba6852c150c5b4211c654f9230e4548e
-
SHA512
c120e2e95ad557c0f8f0b96039b7535771a1aee6d13cb7c854b62f3cfd6491c2448c426e2694f0e3a2abea6db6f48e978df066e381382a88a55bf9ef27233882
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-