General
Target
attached (51).zip
Size
33KB
Sample
210312-sjjela9mex
MD5
ebda2827a23541fe9cd1605a8d525f97
SHA1
5b1976e0c6e0b84ab74226bbc24c8a364878c78c
SHA256
2161546f95ba248ef18336984b39e0a97266af5a985a97118265b11f76f46c99
SHA512
0a8ba8b4205700299011d3bdda6827a0342ccc7eb34d91c7b93a1c1a511d43fff7188e49e962f93274bcdbed032b083f3f867a0b432fe9aa85807e5d66160ea0
Behavioral task
behavioral1
Sample
document-232490250.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-232490250.xls
Resource
win10v20201028
Malware Config
Extracted
http://gcfxb12aefoyn03epdoji.xyz/i.gif
Targets
Target
document-232490250.xls
Size
138KB
MD5
e4cf46b35d3d71337b1ea4d2fd7aa6e6
SHA1
3688deb57422a0bcac4875e49f47c9207aa8c4f9
SHA256
a3dd883fef791bb1702169b25faa3416a76a818af4207ebfd355bbf3e57aec22
SHA512
011aa94a244eb718a584d56443dfbfee0ca24637c5833319799bc8228dce3b66f2b27980818b20fa1afb4bb61cb32c4d378e8f31081dbb7cba6880dacd69cf97
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.