General
-
Target
attached (52).zip
-
Size
42KB
-
Sample
210315-4l9jwkc3pe
-
MD5
47423c315add947d76fed8ea7731b4cf
-
SHA1
99cc5bc15094110ec996d382646eb5d90da7a4e5
-
SHA256
4465a69d494a4920092c4c75e6d3e8a419c18f664a64391b6b35295022eeb44b
-
SHA512
32c0fea34c77139b75046a698a2f98784e3df5cb6aee9d5a62fd1be606e6cc87731e66668df67e8f1e131ac2bce0f7c40134e3a273ec9faaa983fa6f6c99e77b
Behavioral task
behavioral1
Sample
Documents972.xlsm
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Documents972.xlsm
Resource
win10v20201028
Malware Config
Extracted
http://xgka03stox03cloeqz.com/index.gif
Targets
-
-
Target
Documents972.xlsm
-
Size
57KB
-
MD5
9793c1a18272f2459fee69f8f914388f
-
SHA1
740aa60f77f9372bad6e533637ef9e812d1f9b44
-
SHA256
9ba472bd3fcd23bf1b820c9f35e33fd64c334c2e3b7189bf77bc0c080c449e56
-
SHA512
4fd053e65f414f20c3ef3f53169968f0766f63dea462b373b682734c32309a128a975609c636d7cf42350319d88e1c15c77f98041b25d9c65eb077560022edfa
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-