General
-
Target
document-2114004091.xls
-
Size
138KB
-
Sample
210312-mf51zya522
-
MD5
b1a3d8f090e90e5845c2b7077e2f4789
-
SHA1
6614439ad4720ef66bf09e915f86c3013ad65ee4
-
SHA256
f6f9f1ab6983eac01a0e5e3fcb9fe6bb0a94c86440097ae88d481356b70577e4
-
SHA512
250d217e512f8e43427fcd2a80db695cc2fd2b4e7e7995b115e45cf17de7556ac40f40747fb54f6b2471b5b86afef5b994b666e3317f38e4f170c4e225366fcc
Behavioral task
behavioral1
Sample
document-2114004091.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-2114004091.xls
Resource
win10v20201028
Malware Config
Extracted
http://bqx12lnjk03rrdio.xyz/i.gif
Targets
-
-
Target
document-2114004091.xls
-
Size
138KB
-
MD5
b1a3d8f090e90e5845c2b7077e2f4789
-
SHA1
6614439ad4720ef66bf09e915f86c3013ad65ee4
-
SHA256
f6f9f1ab6983eac01a0e5e3fcb9fe6bb0a94c86440097ae88d481356b70577e4
-
SHA512
250d217e512f8e43427fcd2a80db695cc2fd2b4e7e7995b115e45cf17de7556ac40f40747fb54f6b2471b5b86afef5b994b666e3317f38e4f170c4e225366fcc
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-