General
-
Target
Complaint-Letter-1770545757-03102021.zip
-
Size
49KB
-
Sample
210311-p8kz8lsdhx
-
MD5
f52c38d4c6556b4d1129eda03e40352e
-
SHA1
ee81aac8a2f9df54f3b75713ce24f91c47fe7981
-
SHA256
528843c02e759ea8beec1cfb2046c9ebde01670970db90ef90048237a387e61a
-
SHA512
e6f1deac7e98eddf9f11f770736bad157cb4aabebc4818f10cb487ddb3f49febb197194d82839e441a9b500851f376d2334b60cdf14752c97e0dc990cb1c2bbb
Behavioral task
behavioral1
Sample
Complaint-Letter-1770545757-03102021.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Complaint-Letter-1770545757-03102021.xls
Resource
win10v20201028
Malware Config
Extracted
http://vasprogramer.com/xcuaqrfwpaf/44266.1465023148.dat
http://mboard.baydevelopments.com/tkihlgt/44266.1465023148.dat
http://porcarabanchel.es/kgbpstokjetx/44266.1465023148.dat
http://klickprints.com/jcqywmbz/44266.1465023148.dat
http://werkplaats1.okker.nl/jiejgtgde/44266.1465023148.dat
Targets
-
-
Target
Complaint-Letter-1770545757-03102021.xls
-
Size
276KB
-
MD5
1b09e1cc905855e5e03f5bfdf28874d2
-
SHA1
3b5ee62ed39e5d50ff4c41a269b0759d8d7f2088
-
SHA256
75576374f31710e474434faa2c28d5764f021962106815f06a3e819df48188f6
-
SHA512
b2d1919de1fa234303f93dcf831d04de995b294e190df64d52e8fa2967ae011eea89d3b32ae20332bfd8dcda0a10db250e357c9fa651eaf66edeffea2d99306f
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-