General
-
Target
document-1865975572.xls
-
Size
138KB
-
Sample
210312-xrrl7y1mss
-
MD5
049b4936a69c550eada3b931d7124e25
-
SHA1
166085d0c208891568b450fa1e6220025400fc31
-
SHA256
29171354e4ae13a40193f189cae9b3c9376265ff67697efb1da97cd6ebeaf4f1
-
SHA512
8e28ad1233009ec3e632c4d1700665080945138526578a74bd9465c8ddae7011b7c2172378152d6ec61672337872e6af8980c6b835f2eb61a488d4c764e724e8
Behavioral task
behavioral1
Sample
document-1865975572.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-1865975572.xls
Resource
win10v20201028
Malware Config
Extracted
http://nvelj12qyyfi03kqxy.xyz/i.gif
Targets
-
-
Target
document-1865975572.xls
-
Size
138KB
-
MD5
049b4936a69c550eada3b931d7124e25
-
SHA1
166085d0c208891568b450fa1e6220025400fc31
-
SHA256
29171354e4ae13a40193f189cae9b3c9376265ff67697efb1da97cd6ebeaf4f1
-
SHA512
8e28ad1233009ec3e632c4d1700665080945138526578a74bd9465c8ddae7011b7c2172378152d6ec61672337872e6af8980c6b835f2eb61a488d4c764e724e8
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-