General
Target: 1151.xls_385F31D756A7F859A890930A796318E9.zip
Size: 19KB
Sample: 210309-mw7ax7dbke
MD5: b2412b0f1f4211b596639a854ef7efe6
SHA1: 6b7636c19749fc69da767a45c3a988e646d7633a
SHA256: 89fbaec02d26c27ff124a98f9c378ab993028bdd694ad3735df9fa881b89daca
SHA512: 7eb82c4c7689ebb12f3d8c585a5b59b09dff8b4fbd0226a0e99c3f17c791547be0650d03f00bc1924c153cc5af59d12e975205741611af21c9734deaf056ebcd
Behavioral task: behavioral1
Sample: 1151.xls
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 1151.xls
Resource: win10v20201028
Malware Config
Extracted
https://solemnenterprise.com/k.php
Targets
Target: 1151.xls
Size: 58KB
MD5: 385f31d756a7f859a890930a796318e9
SHA1: d7102da56067a139e6ad54874eb2708f7c93a8f0
SHA256: 4822baa79c030f20de78765196120d44dce34a0a0a34016e2b844ea1c2cfecf8
SHA512: c19b15bbd63e8358c5306d850121d7f0da9d7dc8cc355b9302552eec3f83f3f514d47341efc2787300830afd80ff2f6a35925e8d7bcfce149edf019a3d4c2be0
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Deletes itself