General
-
Target
Info_147229.xlsb
-
Size
233KB
-
Sample
210315-9zv2n3lpen
-
MD5
8cedff60a76df7b862602542787f9d42
-
SHA1
e4e89f465f27e171e48e43d5e9c6005302d06aae
-
SHA256
2d8ff1018eab9fd4ed72d8e3083db92eb924965706df0425ccb4470190034510
-
SHA512
15b3c3de6bead8fbac34694e8dbdd1984034a9736f4590ed16f26f96f5e0aa8894a1439b89a659376608612a26f04612488f17781c177bba5bc10c2e69e0f605
Behavioral task
behavioral1
Sample
Info_147229.xlsb
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Info_147229.xlsb
Resource
win10v20201028
Malware Config
Extracted
http://195.123.222.188/campo/e/e1
Targets
-
-
Target
Info_147229.xlsb
-
Size
233KB
-
MD5
8cedff60a76df7b862602542787f9d42
-
SHA1
e4e89f465f27e171e48e43d5e9c6005302d06aae
-
SHA256
2d8ff1018eab9fd4ed72d8e3083db92eb924965706df0425ccb4470190034510
-
SHA512
15b3c3de6bead8fbac34694e8dbdd1984034a9736f4590ed16f26f96f5e0aa8894a1439b89a659376608612a26f04612488f17781c177bba5bc10c2e69e0f605
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-