General
-
Target
Complaint-Letter-569691619-03102021.zip
-
Size
49KB
-
Sample
210311-zdt5vshsgn
-
MD5
b8958691719e8a1170f7ca48f3c81267
-
SHA1
a69514f80958329c6e1fbda68ac4a1e14bc48e54
-
SHA256
09e6b46502c94b3cb5d7b8dd9c9dcda29f2d140488d8c09415ea9b0c6b484019
-
SHA512
66027d0a42a166f33890370acd4a3fcfa766051b9adac15c48071243e9380f478974abd45b46b1fee0b028e63b5cd4a2618430ca4b0f6741ccf1eca827a7d3ac
Behavioral task
behavioral1
Sample
Complaint-Letter-569691619-03102021.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Complaint-Letter-569691619-03102021.xls
Resource
win10v20201028
Malware Config
Extracted
http://lackenbauer.ru/bd/hhvqjrec/44266.9139181713.dat
http://www.peacezoneacademy.com/dxsbonlv/44266.9139181713.dat
http://jopo.com/gmaaxbro/44266.9139181713.dat
http://www.thegivingwall.co.uk/jfgolx/44266.9139181713.dat
http://baxtercode.com/qkhpnucmzts/44266.9139181713.dat
Targets
-
-
Target
Complaint-Letter-569691619-03102021.xls
-
Size
276KB
-
MD5
f05457b10a928c0a84211af6dd3a535e
-
SHA1
6cf3b1e91afeb5bf54f466a38bc3a8fc24b66b19
-
SHA256
dd357107e0c6c37da4aa8a5db0a555f904ad2d02851e31c60dea5fc1e7194981
-
SHA512
6684de7baa4419f5c848921d36340a753e6a1e3ed7235fadf3b2c0bb5164396f6315b6524e7095be431fa2927b0f7f53c5d99557e973415ffbc4bce30a70aa5e
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-