General
-
Target
document-1683161012.xls
-
Size
138KB
-
Sample
210312-5dymeg562s
-
MD5
ed6921e7824c18f5f2cb4a2779cd6833
-
SHA1
9beb48e7350ed7a8b36920ae37311fb9f99733b7
-
SHA256
25d9cdf57a2603974b62bd8cf3e3fc9c64dee7ba9b98eb13f58cab24e9ee3252
-
SHA512
e4faff579f7dd6b90215d1b5dda1e4341513433c51f2102d3253a7781ac2c792b2703118890aa16038e1fa13753a3cfc7c4ca7e8501289cb018a40dd186959f8
Behavioral task
behavioral1
Sample
document-1683161012.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-1683161012.xls
Resource
win10v20201028
Malware Config
Extracted
http://nvelj12qyyfi03kqxy.xyz/i.gif
Targets
-
-
Target
document-1683161012.xls
-
Size
138KB
-
MD5
ed6921e7824c18f5f2cb4a2779cd6833
-
SHA1
9beb48e7350ed7a8b36920ae37311fb9f99733b7
-
SHA256
25d9cdf57a2603974b62bd8cf3e3fc9c64dee7ba9b98eb13f58cab24e9ee3252
-
SHA512
e4faff579f7dd6b90215d1b5dda1e4341513433c51f2102d3253a7781ac2c792b2703118890aa16038e1fa13753a3cfc7c4ca7e8501289cb018a40dd186959f8
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-