General
-
Target
51358.xlsm
-
Size
25KB
-
Sample
210311-yv8kh2encs
-
MD5
2def613694c2c79001ebe7a00de127bf
-
SHA1
d2b535ba47ff49102bbb33dfd09a819bfc119092
-
SHA256
6532b871f42e5f20153074f9dd666557f091b45b61c6ef3690ae0e5c26f1d44a
-
SHA512
8aaa1cc2ec898557edeaaf5ba763240b9a4e72f3fdb8f74d96c7a3d6b9e73bde853a86cd32f7f1dfe01448e95cf849d22a18be55785a8b07742c5ca741189a7d
Behavioral task
behavioral1
Sample
51358.xlsm
Resource
win7v20201028
Behavioral task
behavioral2
Sample
51358.xlsm
Resource
win10v20201028
Malware Config
Extracted
https://eurobones.com.br/server.php
Targets
-
-
Target
51358.xlsm
-
Size
25KB
-
MD5
2def613694c2c79001ebe7a00de127bf
-
SHA1
d2b535ba47ff49102bbb33dfd09a819bfc119092
-
SHA256
6532b871f42e5f20153074f9dd666557f091b45b61c6ef3690ae0e5c26f1d44a
-
SHA512
8aaa1cc2ec898557edeaaf5ba763240b9a4e72f3fdb8f74d96c7a3d6b9e73bde853a86cd32f7f1dfe01448e95cf849d22a18be55785a8b07742c5ca741189a7d
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Deletes itself
-