General
-
Target
Documents676.xlsm
-
Size
57KB
-
Sample
210315-ggc6eejb9s
-
MD5
8c9041813c83038de85079aa49f3d936
-
SHA1
6fa687e4396b933d0b4555455b55de5b8db3baf7
-
SHA256
c5444c7252d6e22f4a2de2168a4afeb08e1f841aeba675e6e632e2c64fcd71ca
-
SHA512
9cf1431762f932a3bf4fd858496e4339443115676084b7b6d1f0ab206940277a3cba09c410e02232e1689dc50501286888de4ed62abc3f12ce6077bcb335b309
Behavioral task
behavioral1
Sample
Documents676.xlsm
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Documents676.xlsm
Resource
win10v20201028
Malware Config
Extracted
http://vpu03jivmm03qncgx.com/index.gif
Targets
-
-
Target
Documents676.xlsm
-
Size
57KB
-
MD5
8c9041813c83038de85079aa49f3d936
-
SHA1
6fa687e4396b933d0b4555455b55de5b8db3baf7
-
SHA256
c5444c7252d6e22f4a2de2168a4afeb08e1f841aeba675e6e632e2c64fcd71ca
-
SHA512
9cf1431762f932a3bf4fd858496e4339443115676084b7b6d1f0ab206940277a3cba09c410e02232e1689dc50501286888de4ed62abc3f12ce6077bcb335b309
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-