General
Target: Information_146581.xlsb
Size: 233KB
Sample: 210315-dq8cr4fjd6
MD5: ef04376c4762e75f60da9d6c9ae38be1
SHA1: d9b0b7ed10a9971156b0e57b2a5cee1a31725f91
SHA256: fecc5522687356991cdaafe2eaacb9391eb44af7aa34eb2f6459e0db118a323d
SHA512: 62c1a74e230ad5184a19fba904fbb59942b08f1198dba73721e9460af7917ed82af3e853edfb6853b2de4849065e01cb2a2fa0aaace4e85605b3efde2bf71aa9
Behavioral task: behavioral1
Sample: Information_146581.xlsb
Resource: win7v20201028
Behavioral task: behavioral2
Sample: Information_146581.xlsb
Resource: win10v20201028
Malware Config
Extracted
http://195.123.222.194/campo/h/h3
Targets
Target: Information_146581.xlsb
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.