General
-
Target
this_issue (69).zip
-
Size
33KB
-
Sample
210312-dln2qvwpc2
-
MD5
1bbfa2c0961562fa795a204e6f1a79e4
-
SHA1
4660b3f16511f35872941391b6cfa25c6547f1d2
-
SHA256
623aa89cf7b10f747121aff9c9cbb4793d62eeb47b24f69a01f5b8acb66117b2
-
SHA512
9a7049b255800808efc9f4aea9de281bd36968b64ea8c7b5a3f20e755b41493fd766796e9b94645582c0e87a9193419c33f67fb34df5e62de6648d47bf1d9aab
Behavioral task
behavioral1
Sample
document-89196717.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-89196717.xls
Resource
win10v20201028
Malware Config
Extracted
http://gcfxb12aefoyn03epdoji.xyz/i.gif
Targets
-
-
Target
document-89196717.xls
-
Size
138KB
-
MD5
345f5489f62cf114deca5578f9ec8c13
-
SHA1
53028c6bd91b10c71bda19e6839c987e927ea482
-
SHA256
2a0e2ee51d91768fdd5304b33e64f8d66cd7448c1f3d629c1f457b1d501fff9a
-
SHA512
c87e860110ac8cc7c0f3d66cb3dce8cbeff2007cebd6e9056cb594c40c0467a968509289a0144bf9e594169f7e02f41969d895ddf5d84288caf85c235d48e9e8
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-