General
-
Target
Complaint-Letter-1768077996-03102021.zip
-
Size
49KB
-
Sample
210311-n8ce87ttba
-
MD5
ed0a63119e9445252b7cbad63fefbc0c
-
SHA1
9017289dcbf8aae3581a72c6fabc43f04612a43a
-
SHA256
e3419e17335cdbcd018cb67aeb3475c7513496d2ddd12b5e5dbc50ad464e87ef
-
SHA512
e592224a4119219c0ae1ebcd1dd8817fc1964255c072ec9301af899a48d98c7528cf210f295d6317b240bf37cab0930a154c5fa1a234070ae4d20debd4f52d64
Malware Config
Extracted
http://vasprogramer.com/xcuaqrfwpaf/44266.142337037.dat
http://mboard.baydevelopments.com/tkihlgt/44266.142337037.dat
http://porcarabanchel.es/kgbpstokjetx/44266.142337037.dat
http://klickprints.com/jcqywmbz/44266.142337037.dat
http://werkplaats1.okker.nl/jiejgtgde/44266.142337037.dat
Targets
-
-
Target
Complaint-Letter-1768077996-03102021.xls
-
Size
276KB
-
MD5
122e75358ae9db054aa4843ee1543db9
-
SHA1
d459af154bdd0f606a378a40cbca16c0b8246a00
-
SHA256
fd3ceedd03ccec43d6569d2b8a9e961d8ef63ea331143a4ca9da1b780807053e
-
SHA512
529d0ba46ac7ca77a02b4a2a26bda4e113fddf42fe0f9bbc56dd7e59cea69d5b158ece8ef35e26d11b1a5ca88a99e1b6179763da2bb22e7539a01622be5a98a8
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-