General
-
Target
Complaint-Letter-894971806-03102021.xls
-
Size
276KB
-
Sample
210311-rva5wsrahx
-
MD5
76f89d2530ceef9b477515c3ca7e01d8
-
SHA1
6e64aba14a07728d7bcd7ac322eb5ca3a1e4fb5a
-
SHA256
8294db28f303c0aee034ad4b6570513f3f5b6271509794863f8c6ac2131e5d84
-
SHA512
4eebf28ab019234381383f64dfd59ecab53219836e2272a39e063e7e4f86bcab306aacc4184ce6e804bbaf9bbd08ddb8288990536062b3a013e23a290453e255
Behavioral task
behavioral1
Sample
Complaint-Letter-894971806-03102021.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Complaint-Letter-894971806-03102021.xls
Resource
win10v20201028
Malware Config
Extracted
http://vasprogramer.com/xcuaqrfwpaf/44266.8606236111.dat
http://mboard.baydevelopments.com/tkihlgt/44266.8606236111.dat
http://porcarabanchel.es/kgbpstokjetx/44266.8606236111.dat
http://klickprints.com/jcqywmbz/44266.8606236111.dat
http://werkplaats1.okker.nl/jiejgtgde/44266.8606236111.dat
Targets
-
-
Target
Complaint-Letter-894971806-03102021.xls
-
Size
276KB
-
MD5
76f89d2530ceef9b477515c3ca7e01d8
-
SHA1
6e64aba14a07728d7bcd7ac322eb5ca3a1e4fb5a
-
SHA256
8294db28f303c0aee034ad4b6570513f3f5b6271509794863f8c6ac2131e5d84
-
SHA512
4eebf28ab019234381383f64dfd59ecab53219836e2272a39e063e7e4f86bcab306aacc4184ce6e804bbaf9bbd08ddb8288990536062b3a013e23a290453e255
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-