General
-
Target
Complaint-Letter-179737565-03102021.zip
-
Size
49KB
-
Sample
210311-rntew85r3x
-
MD5
b9d9087b4dbf55a0e547a94489e6531b
-
SHA1
8a5c20c35203804ba6d148c35b6408303198f561
-
SHA256
7da7cffd72c1d4cf8503f8c52fc80dc5695d4418980756118ddc1ade7057d010
-
SHA512
27a73687270e7dc58c26e9a9d3bee950c07da4ee380eddd64abd9ac948692a98a71a69ca0da302954f7536bc20ca8ad69b78c4c56ac730bf122d32990042f43f
Malware Config
Extracted
http://vasprogramer.com/xcuaqrfwpaf/44266.1068523148.dat
http://mboard.baydevelopments.com/tkihlgt/44266.1068523148.dat
http://porcarabanchel.es/kgbpstokjetx/44266.1068523148.dat
http://klickprints.com/jcqywmbz/44266.1068523148.dat
http://werkplaats1.okker.nl/jiejgtgde/44266.1068523148.dat
Targets
-
-
Target
Complaint-Letter-179737565-03102021.xls
-
Size
276KB
-
MD5
cbc490561df4ba515e732409dda1c5e2
-
SHA1
99de9b0b984f203b35d005351a29a319f397ad3b
-
SHA256
27d7998ed5c47081aafb88662a805bf9bd79013559ab2c73a911f3cf0954c585
-
SHA512
2115c4ad7c3c18b38d287aba58b1e848183ffb8b1e4c05a7d2f765fb2ce73ca656c7ebdfff51a3aa420d22f0cac5736703b1a590a81eb9fc0323603c35db92d2
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-