General
-
Target
document-656500814.xls
-
Size
138KB
-
Sample
210312-beglwnpyp6
-
MD5
4bb2e51c0f11c3d6d90a856c52e814bc
-
SHA1
da6c0f17d7dbd1239c61c995c9a7fd9888eed5e5
-
SHA256
52a5e5d97e28e15df6df719f98f2e38133ff98a5abf699f51257063a11ec55e8
-
SHA512
06ab5b3110f534c9487f1e3b50423f237ed7c6fb3d43d50bf07d0595c4460735606bd2749c4465f611c7de8d6cff7194d0543602daeffe46cce60e2b289a6fdd
Behavioral task
behavioral1
Sample
document-656500814.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-656500814.xls
Resource
win10v20201028
Malware Config
Extracted
http://nvelj12qyyfi03kqxy.xyz/i.gif
Targets
-
-
Target
document-656500814.xls
-
Size
138KB
-
MD5
4bb2e51c0f11c3d6d90a856c52e814bc
-
SHA1
da6c0f17d7dbd1239c61c995c9a7fd9888eed5e5
-
SHA256
52a5e5d97e28e15df6df719f98f2e38133ff98a5abf699f51257063a11ec55e8
-
SHA512
06ab5b3110f534c9487f1e3b50423f237ed7c6fb3d43d50bf07d0595c4460735606bd2749c4465f611c7de8d6cff7194d0543602daeffe46cce60e2b289a6fdd
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-