General
-
Target
359.xls
-
Size
58KB
-
Sample
210309-zej2lflxkj
-
MD5
d7e28031147b036422fb0920d767c4b0
-
SHA1
edfa5aa852b506c78f3f95b541baaa8c81efbb83
-
SHA256
2613196c01bb5676ebf85b913762efc9f7c2b64bb0b80ee7580f5ab74a5a0192
-
SHA512
31850a02c4a8e3be38407457f4479e20b6bed06cf7d8daff7709d7eecf77de23436dd9172f6bcc2fb909984dce0e7b19dbc5840eb7a418f588d1e82cf1d8558c
Behavioral task
behavioral1
Sample
359.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
359.xls
Resource
win10v20201028
Malware Config
Extracted
https://solemnenterprise.com/k.php
Targets
Target
359.xls
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Deletes itself
-