General
Target: doc (55).zip
Size: 33KB
Sample: 210312-ppylypqmyn
MD5: 9644e7bf98249a61ac7d2337afa19f0e
SHA1: 66b775ee72e00b711dfa2c7a66d6f8abea2dc990
SHA256: 10f840014f0eeaef53721d101250db1686b5eba01ba2519f58ddc05fc2bf97c9
SHA512: 3e05682a6be108307fe2c0b7da1889d60f9f7bd25948f47d8083c0588ebb5fce64632a5c7785098861c478f66b5ca98abd0f5204495f2efc7ec06dee5a9c1eab
Behavioral task: behavioral1
Sample: document-1922515199.xls
Resource: win7v20201028
Behavioral task: behavioral2
Sample: document-1922515199.xls
Resource: win10v20201028
Malware Config
Extracted
http://bqx12lnjk03rrdio.xyz/i.gif
Targets
Target: document-1922515199.xls
Size: 138KB
MD5: 440830e3be371c53dbbe571736b105e3
SHA1: 3d63c4e83ded0a6240f9270878513586aebe39e3
SHA256: 497a4b4da11c775051944cf50abfb5d0af842b229a792a4167663d0bbdee25a5
SHA512: 41a8f887284ee3954e6e97b43b325671b26fc4cfe5c28eec150ddb3848a51bd742bf7bde02be1a5b875e2a5d971bbba5c92e91ad0757dc78e0800c0d80e59782
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.