General
Target: attached (89).zip
Size: 42KB
Sample: 210315-84tgj8ks6j
MD5: 5f5fd6a4559a60ee6f59856d9c58ce42
SHA1: 98696b3ea6d5972d88cd58fb081f1a44d304d1e8
SHA256: e75d1f70aaf82289112e4b3859563131738019cfb2198a96a5d6197a99db4f20
SHA512: 0c7cfd5738bf5ed80a7346691521d0674630a75c89602994c37c45cb777045b0acd602f6f190fdf612b78c1b7c6170b4011547824043656a6ffe8047f8e905e5
Behavioral task: behavioral1
Sample: Documents449.xlsm
Resource: win7v20201028
Behavioral task: behavioral2
Sample: Documents449.xlsm
Resource: win10v20201028
Malware Config
Extracted
http://yar03jmtvr03jtqg.com/index.gif
Targets
Target: Documents449.xlsm
Size: 57KB
MD5: 9dbad542b671f4e700258b2c58a9195b
SHA1: 0a24b5ba33f37c387a9895702959169f4f577bfa
SHA256: 3d799da3e93bebcb93e74ebf906a4690914aa338538eb7abe5627ff87e455da7
SHA512: f50541f6c7059f7a61fe9896b6d0eccfedc34a5b3a81ee7232ea792d0946105c1070785decb54357a3b834a67a3fb37edeab4ab093a474d7a546b0f75b0a5647
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.