General
-
Target
Complaint-Letter-699160903-03102021.zip
-
Size
50KB
-
Sample
210311-46h913zwp6
-
MD5
8fa79c9e3c330c66fed2ac2130efbd0d
-
SHA1
b2ff0a810d36818e41ab6a497e7f09e2cbee8c9f
-
SHA256
88f72155fbaa095cc2ceee5c46e1b3442ba5d476784fa0a3d9484dc0cbcc2ff2
-
SHA512
dfdfb578d2f927f727cefe84f48d1670eb436445929642d75b4f43eb9ee202f2c421e7dfcf44b78168c45f5f6dafc581afc25bbcd70e02feceed6ca6f3364a5a
Malware Config
Extracted
http://oracledispatch.com/pijxju/44266.1461440972.dat
http://alvaelectrical.ir/jfvrrvwxrsv/44266.1461440972.dat
http://www.bekagayrimenkul.com/xtgudsvqubbk/44266.1461440972.dat
http://civil-group.ir/rvnhdtkyxgu/44266.1461440972.dat
http://kumarpropack.com/jdvcnedwvpr/44266.1461440972.dat
Targets
-
-
Target
Complaint-Letter-699160903-03102021.xls
-
Size
281KB
-
MD5
7c29aaed776bb470e5a2f0569ea44d12
-
SHA1
1e33673add979088a223dd337cea0c974e4dc296
-
SHA256
85f8f00fc5d2e2de62c0c37cec012e0c8516ec1a83d82056e89fcb38b51bb963
-
SHA512
a9b852c5a859640121c7b34286879085f15c9dbb0b1fe9705f6f6dc380f46c4a9ebabea79a9b6ae7a943a2a05228881794ffa2e8f25da6e77ff0d54fd55db8c4
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-