General
-
Target
collected (42).zip
-
Size
33KB
-
Sample
210312-jzy1d38t92
-
MD5
d3779718f632f49e58d7eaa71acf89fd
-
SHA1
0ea0dc3ed814a17196251f8356f8522b56e753e1
-
SHA256
2629771e79bb397255f48599fea26cbbb87d371eed7adbc955e102dfbabff37e
-
SHA512
a798177472d613ba1d9871c717466e8ca6d70cdafcb35ea03b571aee3a436433e481810d6e77d8e8578dd868845ee47bfb3de80f7a824886be59133bcd256555
Behavioral task
behavioral1
Sample
document-1493660683.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-1493660683.xls
Resource
win10v20201028
Malware Config
Extracted
http://gcfxb12aefoyn03epdoji.xyz/i.gif
Targets
-
-
Target
document-1493660683.xls
-
Size
138KB
-
MD5
14d530304d5dc7de3ac733668aada46b
-
SHA1
b2bea2224cecce48b64c6266567f00c826f12704
-
SHA256
043a3b64882b41ead3af3c2476b7d62ce11485897f77281755973dbf1701283b
-
SHA512
f6cf83f0fd6a54dd71c1962e13948330765122887ece92e602139f7c0359991a6f316700874177edaeca246a91b685ff80aaddf9bd7bc59f78b888a3be8b3716
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-