General
-
Target
collected (64).zip
-
Size
33KB
-
Sample
210312-ld16ej31jn
-
MD5
64b5a2a3dff92c51ba221b3ad1802fa5
-
SHA1
25d5420de6037d15b695a008ae450f1c604c5e2d
-
SHA256
65511c269199007b6a378c6f8e48fe58b2398deaef305e6aac5a94afa69ade48
-
SHA512
1e61d1c9deb7e148fdc1fc577d8977016591e44b5f9eb2c15ee3e8a1dc06e0454876551dec3fd720cb7d524a99a8e5f0326f79aed3c093a5891a0fbe82d756c2
Behavioral task
behavioral1
Sample
document-2116115857.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-2116115857.xls
Resource
win10v20201028
Malware Config
Extracted
http://nvelj12qyyfi03kqxy.xyz/i.gif
Targets
-
-
Target
document-2116115857.xls
-
Size
138KB
-
MD5
298b04a1308d15fec52c6ee0de68b208
-
SHA1
eaa5b596a388458d54e6b7c9313c1b61689ac817
-
SHA256
f44844a796ae3701b351e396b6fc5ec77120cc46d377c152dac982c9e4498eb3
-
SHA512
6176f4eb8fa64f004d2981b3ef1762e38010a798ab1f82d941a06c73b444336323154245c6af83710dfdb619ba5ccafec440e5325395aa7dbf208e16a61c1e3e
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-