General
-
Target
Complaint-Letter-1737783681-03102021.zip
-
Size
49KB
-
Sample
210311-mwx8a2gr1x
-
MD5
70f77a6cd337adab0afce1acee20d2c4
-
SHA1
05cb7160b50d3b25afc626bb9f24125fa2f10dae
-
SHA256
061cc686cc419c20be9207dc08cf30387e4dd3ad689f75769f15901848f4745d
-
SHA512
8c87fbce93e8d4045717eb3507f465b64f7982ccfe6137702fedf41b5eef467459815131a68a3d28a9b518ea00716599e409ea4759c2900e6cc60726a8aa39d1
Behavioral task
behavioral1
Sample
Complaint-Letter-1737783681-03102021.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Complaint-Letter-1737783681-03102021.xls
Resource
win10v20201028
Malware Config
Extracted
http://lackenbauer.ru/bd/hhvqjrec/44266.8769790509.dat
http://www.peacezoneacademy.com/dxsbonlv/44266.8769790509.dat
http://jopo.com/gmaaxbro/44266.8769790509.dat
http://www.thegivingwall.co.uk/jfgolx/44266.8769790509.dat
http://baxtercode.com/qkhpnucmzts/44266.8769790509.dat
Targets
-
-
Target
Complaint-Letter-1737783681-03102021.xls
-
Size
276KB
-
MD5
a43af9b5594cb1cfd748e6a4a33c3dc7
-
SHA1
8856a2c2c6975693a2ec9f603aba226596e74d55
-
SHA256
69c60296879563e341e1dba8da2f421893ad9697593a5deeaff3e79abb57dd9a
-
SHA512
d74ec67a73d4fb87cdbdf5978a7953058004f6f7dd49cc4e5dc12e5eb331388f020fc409b9b6e79056b18c2fa9262e19ab1ffe3321376798f808bac0c3b9f83d
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-