General
-
Target
paper (23).zip
-
Size
34KB
-
Sample
210315-fzeef3pnsa
-
MD5
3ba1851ab88c2a87f3d8b78e116a7a5d
-
SHA1
8a8958e3c420dfb3b27f87f909027158c107f10d
-
SHA256
1dc2507ce9432a30a94f545bdf3e083307ffc3fa502df61d9aed0083304849ad
-
SHA512
d856554309383dc1d6fdaaab0df51ab47be47c6a97c4d5e9f245fdc591abb1d2666287d980a37909b18a56fcd407aa9c8bdbd9ee50676ea906fd3a8a17e68a39
Behavioral task
behavioral1
Sample
document-480334777.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-480334777.xls
Resource
win10v20201028
Malware Config
Extracted
http://usy15wycqme03dymh.xyz/w.gif
Targets
-
-
Target
document-480334777.xls
-
Size
139KB
-
MD5
e75af52fa07df46fab00de05fe28dc60
-
SHA1
cf1c73e0b8ea1dfd4a62223c91a9b6122b4b5fd2
-
SHA256
269e4f9a1289ec667bd55000472825ea3facf65f4c8796abc421ee7cc381cc43
-
SHA512
641fb8fa4eed5ca09ea755045c173259e7a5c1d77e1a26ef8d933eda2a3d8d6563dd102d3919cd2b8d2e1e03da22fa8df8ca3ae11130d383473fda697fdfbc6d
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-