General
-
Target
2701-2-P.xlsm
-
Size
25KB
-
Sample
210311-8gx3th9ers
-
MD5
2f2d175d760c8a09a300026dc671d37d
-
SHA1
0298f2a15385f566cbfa21c5027678aec4e70536
-
SHA256
76691d9aaba862b747ad897d8f215e69b857458a3a11cadc18483281470b324b
-
SHA512
312ccfd222f6f54353586952ecac036a89e1f157f98880ab478f93eae74c117c25f5cfd7be3d815357e1c87143b02ede29bcb40f43457f578707c312f9ea0d7c
Behavioral task
behavioral1
Sample
2701-2-P.xlsm
Resource
win7v20201028
Behavioral task
behavioral2
Sample
2701-2-P.xlsm
Resource
win10v20201028
Malware Config
Extracted
https://eurobones.com.br/server.php
Targets
-
-
Target
2701-2-P.xlsm
-
Size
25KB
-
MD5
2f2d175d760c8a09a300026dc671d37d
-
SHA1
0298f2a15385f566cbfa21c5027678aec4e70536
-
SHA256
76691d9aaba862b747ad897d8f215e69b857458a3a11cadc18483281470b324b
-
SHA512
312ccfd222f6f54353586952ecac036a89e1f157f98880ab478f93eae74c117c25f5cfd7be3d815357e1c87143b02ede29bcb40f43457f578707c312f9ea0d7c
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Deletes itself
-