General
-
Target
Complaint-Letter-134691101-03102021.xls
-
Size
276KB
-
Sample
210311-mtdhc356be
-
MD5
3eedeea5f0c97fbed05b86a3aa16ba74
-
SHA1
fc76baabb3784081779086e584d26f32c27d190f
-
SHA256
e81294c9114fd7297a97f004a928a0243d2fe6ac4dc54d2e0f9d3c86d1901c69
-
SHA512
7343013d614a593343dfcd6d04ca76e2ddd08fb57e02f54ca8ee257a40d31c1637b41277863ca473760f3b56fa7f1835c349c761e3bc9a3914ad34045cc24a47
Malware Config
Extracted
http://lackenbauer.ru/bd/hhvqjrec/44266.3269646991.dat
http://www.peacezoneacademy.com/dxsbonlv/44266.3269646991.dat
http://jopo.com/gmaaxbro/44266.3269646991.dat
http://www.thegivingwall.co.uk/jfgolx/44266.3269646991.dat
http://baxtercode.com/qkhpnucmzts/44266.3269646991.dat
Targets
-
-
Target
Complaint-Letter-134691101-03102021.xls
-
Size
276KB
-
MD5
3eedeea5f0c97fbed05b86a3aa16ba74
-
SHA1
fc76baabb3784081779086e584d26f32c27d190f
-
SHA256
e81294c9114fd7297a97f004a928a0243d2fe6ac4dc54d2e0f9d3c86d1901c69
-
SHA512
7343013d614a593343dfcd6d04ca76e2ddd08fb57e02f54ca8ee257a40d31c1637b41277863ca473760f3b56fa7f1835c349c761e3bc9a3914ad34045cc24a47
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-