General
-
Target
_file_attached (61).zip
-
Size
33KB
-
Sample
210312-3zw673cq3a
-
MD5
f6ea08faf208fb02c76d2ba1faa5d7f6
-
SHA1
2773e133d0c7cf288e1bd3f5168a4ddb67572132
-
SHA256
64cbf5b608a951a74281ad78c2d8426461b30c3b3551aa204967f58b567fe0aa
-
SHA512
486dba7dc288c0b1e014195673b3d4e3cd1ad8232db449247cdb27262e8f5df64dddcea3bdc82e3d1a69c62c668fed57558e8b9791f0a2653ae39bf9a76d8179
Behavioral task
behavioral1
Sample
document-1102936390.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-1102936390.xls
Resource
win10v20201028
Malware Config
Extracted
http://nvelj12qyyfi03kqxy.xyz/i.gif
Targets
-
-
Target
document-1102936390.xls
-
Size
138KB
-
MD5
de7b4a4cebde9b7d225f21a522269fb1
-
SHA1
b90d3a4439b3a0088963f06c6f6185affdee3238
-
SHA256
e214a6d292f286a7be2753a0ec6f11ded81e611f2fd39f94ec262a4ff47c2c71
-
SHA512
086444a016881f99fc2cd92a987ee18b62200a238abe67701ef127d80ebedbb6ec6092b8e903eba28f456d75bcf4828dfb82f415174726f74fa11d32aea8c706
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-