General
-
Target
document-1427996815.xls
-
Size
138KB
-
Sample
210312-nc6mf5846e
-
MD5
1aa8b3abd339038569d7df4fd8e6dc99
-
SHA1
7bed8cddc2d7a354618bd4839fec50047a84c9b1
-
SHA256
09f89aadd7c1456cad78be98286b61277b3de6eecefb3169ee1953bcbcac13c2
-
SHA512
3e65f15c53bbc1a5e487ed06e396123c79cda5e7903644d6f06d92791f44966d3601fad6e62828029ea559276d5614f5d404931b1814107cbba863c13bfdbeef
Behavioral task
behavioral1
Sample
document-1427996815.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-1427996815.xls
Resource
win10v20201028
Malware Config
Extracted
http://gcfxb12aefoyn03epdoji.xyz/i.gif
Targets
-
-
Target
document-1427996815.xls
-
Size
138KB
-
MD5
1aa8b3abd339038569d7df4fd8e6dc99
-
SHA1
7bed8cddc2d7a354618bd4839fec50047a84c9b1
-
SHA256
09f89aadd7c1456cad78be98286b61277b3de6eecefb3169ee1953bcbcac13c2
-
SHA512
3e65f15c53bbc1a5e487ed06e396123c79cda5e7903644d6f06d92791f44966d3601fad6e62828029ea559276d5614f5d404931b1814107cbba863c13bfdbeef
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-