General
-
Target
Complaint-Letter-1852762091-03102021.zip
-
Size
49KB
-
Sample
210311-xnsedmxwk2
-
MD5
47e23e90011a2b4376a659e94622aaa9
-
SHA1
f2af062e252d584bef9e25f9b8a3058527dc7755
-
SHA256
09681873179d9c2cdce85c79e69fce2a6d399ff1518a3fe3597869d41ef62885
-
SHA512
f24adb1bbc6c75ee567fd573ed713502f30386edb80971576bbd7028be2dd9277cbeca45b9c8a9662eb853eb1bd5820c2549ef1cf6155b07fa6abd67873a3051
Malware Config
Extracted
http://vasprogramer.com/xcuaqrfwpaf/44266.0982003472.dat
http://mboard.baydevelopments.com/tkihlgt/44266.0982003472.dat
http://porcarabanchel.es/kgbpstokjetx/44266.0982003472.dat
http://klickprints.com/jcqywmbz/44266.0982003472.dat
http://werkplaats1.okker.nl/jiejgtgde/44266.0982003472.dat
Targets
-
-
Target
Complaint-Letter-1852762091-03102021.xls
-
Size
276KB
-
MD5
437776893cecec7fdb78a11d254e137f
-
SHA1
6b7f2f7e038aead0ddeb09e8cd588df12ec6784b
-
SHA256
2eed117820dda6ebbfed88003337cb32f2825171fbb55a32f78d44bbaa738e40
-
SHA512
bd5878f03bffdfa80492ae646aa47dd7a83c4eb4106d7686d31f82629f41446df4cedc422e7590221d8ea0cbc7b3cbf651982869c85b73725e0ad26709fe8a44
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-