General
-
Target
Copy 7739588.xlsm
-
Size
201KB
-
Sample
210311-qarwzg9fwn
-
MD5
afb5ae0f3a9992fdd329d5353d5faf3d
-
SHA1
f7900c280982426cf5b69c56500e5c1a3bfa3149
-
SHA256
5b029d35e3b26016449753fa274b30071f7e7857b0f07af97d9d0dfed828e581
-
SHA512
8d030af621f5d0370daf98912b69a88f353f8e7e6676a760cf66e6b927aa783dc124f9ad67ef2b103f1a105fe1f4c861ab57971e274072607466ef449c0e8a43
Static task
static1
Behavioral task
behavioral1
Sample
Copy 7739588.xlsm
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Copy 7739588.xlsm
Resource
win10v20201028
Malware Config
Targets
-
-
Target
Copy 7739588.xlsm
-
Size
201KB
-
MD5
afb5ae0f3a9992fdd329d5353d5faf3d
-
SHA1
f7900c280982426cf5b69c56500e5c1a3bfa3149
-
SHA256
5b029d35e3b26016449753fa274b30071f7e7857b0f07af97d9d0dfed828e581
-
SHA512
8d030af621f5d0370daf98912b69a88f353f8e7e6676a760cf66e6b927aa783dc124f9ad67ef2b103f1a105fe1f4c861ab57971e274072607466ef449c0e8a43
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-