General
-
Target
document-251662366.xls
-
Size
138KB
-
Sample
210312-xz4v84khqe
-
MD5
5abb8307c0d57c2ba30f26f71c1d0ac1
-
SHA1
90b996dc1fb787d5bba8cbf9d96a7c9c503c30bb
-
SHA256
73a585f5da2c288e302dfabe378092b595d94ea7aaacf5b7758fd54c558bd4bb
-
SHA512
9850a56e29c5bf945a8b3a724bf88aa7c8b2dd09b637060c2a7b77d4ba25908d5e8077e860b49a070cde598b6fa8e0a5eef8f01f7e5d443fdc95ab31d22e9441
Behavioral task
behavioral1
Sample
document-251662366.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-251662366.xls
Resource
win10v20201028
Malware Config
Extracted
http://ipok12bcame03shzpiq.xyz/i.gif
Targets
-
-
Target
document-251662366.xls
-
Size
138KB
-
MD5
5abb8307c0d57c2ba30f26f71c1d0ac1
-
SHA1
90b996dc1fb787d5bba8cbf9d96a7c9c503c30bb
-
SHA256
73a585f5da2c288e302dfabe378092b595d94ea7aaacf5b7758fd54c558bd4bb
-
SHA512
9850a56e29c5bf945a8b3a724bf88aa7c8b2dd09b637060c2a7b77d4ba25908d5e8077e860b49a070cde598b6fa8e0a5eef8f01f7e5d443fdc95ab31d22e9441
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-