General
-
Target
attached (41).zip
-
Size
33KB
-
Sample
210315-242s762jw2
-
MD5
05f3602d2e8dc3bb94baad77766ee084
-
SHA1
8167c650aabd6d80132906d413fc4ee4d2aa519c
-
SHA256
5e9a61496fd00b4d8fb5496d83b1b9751bbdee13c699026d7ffd5782a7d267ca
-
SHA512
dc0212e2f020a00b53af55e0f70f52affd5939c58093269da989b39993d694c591238397f4df278fe403136616b8c13407521761dc2cc99e866d3b2512cd0183
Malware Config
Extracted
http://zltw15tzezi03nbmru.xyz/w.gif
Targets
-
-
Target
document-26923913.xls
-
Size
139KB
-
MD5
856264d950dce0177d6ea88fa31917a0
-
SHA1
5943c302dbc5e68e3afa8beea92d1a8185a3b129
-
SHA256
5721c1053141201c43907578fbbc18da6beba7aa017bdcf2178ada74e6844f5a
-
SHA512
b7653115b0ec53544874e64b6fdc55df5c49f3f1de65b2c9bf4d59fe9fa4b437e931d04e260d475a378a7c509708d515eff9484e9c9f22f24f998122e42b4164
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-