General
-
Target
sample.xls
-
Size
276KB
-
Sample
210311-3d2x5335pe
-
MD5
5cd0bfc13e54454404bdea0a16d5fbba
-
SHA1
c191aeed68de9ebcbd8cf14aa4d6465e305e6603
-
SHA256
d54fa3d2b17706fe6e4c1159c04ff2bbc4f2403de5855f73a038ed8335e7e3f2
-
SHA512
cee9509a75a51f740ad087b4af2116b2644999aabbbea2281efc90ec298786f66ba4a211c3a83b6e0a7a6d6c3fcfa51e146d3fc19683c5f302fc52c132fe014d
Malware Config
Extracted
http://lackenbauer.ru/bd/hhvqjrec/44266.5618491898.dat
http://www.peacezoneacademy.com/dxsbonlv/44266.5618491898.dat
http://jopo.com/gmaaxbro/44266.5618491898.dat
http://www.thegivingwall.co.uk/jfgolx/44266.5618491898.dat
http://baxtercode.com/qkhpnucmzts/44266.5618491898.dat
Targets
-
-
Target
sample.xls
-
Size
276KB
-
MD5
5cd0bfc13e54454404bdea0a16d5fbba
-
SHA1
c191aeed68de9ebcbd8cf14aa4d6465e305e6603
-
SHA256
d54fa3d2b17706fe6e4c1159c04ff2bbc4f2403de5855f73a038ed8335e7e3f2
-
SHA512
cee9509a75a51f740ad087b4af2116b2644999aabbbea2281efc90ec298786f66ba4a211c3a83b6e0a7a6d6c3fcfa51e146d3fc19683c5f302fc52c132fe014d
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-