General
-
Target
SecuriteInfo.com.Heur.9603.22830
-
Size
273KB
-
Sample
210313-q3h2rjk2fs
-
MD5
ce21a33b634b572514cdc5a327b08778
-
SHA1
f7ac6299d0e19f452e4828bcb30eb9cb50383fff
-
SHA256
0782a2070e674e39d93e31282fe5f9ca680c45394c39fb7fa343ec87a6f6cd94
-
SHA512
31b57f6e5cbb55d122e4b859911126e7cae56a8908aa17760656b2ae42e81be5899158930a04c311ae7f5ab93f7e2d8e8813c9eae0050783ac403194610cae0a
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Heur.9603.22830.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Heur.9603.22830.xls
Resource
win10v20201028
Malware Config
Extracted
https://sssolutionsllc.org/k.php
Targets
-
-
Target
SecuriteInfo.com.Heur.9603.22830
-
Size
273KB
-
MD5
ce21a33b634b572514cdc5a327b08778
-
SHA1
f7ac6299d0e19f452e4828bcb30eb9cb50383fff
-
SHA256
0782a2070e674e39d93e31282fe5f9ca680c45394c39fb7fa343ec87a6f6cd94
-
SHA512
31b57f6e5cbb55d122e4b859911126e7cae56a8908aa17760656b2ae42e81be5899158930a04c311ae7f5ab93f7e2d8e8813c9eae0050783ac403194610cae0a
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-