General
-
Target
document-1956611471.xls
-
Size
139KB
-
Sample
210315-k5xp7vaj7a
-
MD5
5cdbc425fccbee5776ea3a8a2aa48191
-
SHA1
e08f9e6ceb6a7057de944ebfc2fe5f8f4dabb32c
-
SHA256
1a8549a798e6817db02ef32a2d889ba33c30bf30c4dd17d894687c9be7cac5d0
-
SHA512
e79b18d6bb8665b86205a18579ea38f4d58b22fbba8a042ca37eebb2fdc532cc40a53a87f6d5a74be565854fbfb5a2aca50f3412a46d75032d9c7c48ce123948
Behavioral task
behavioral1
Sample
document-1956611471.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-1956611471.xls
Resource
win10v20201028
Malware Config
Extracted
http://bpxe15jijmh03ubiwhh.xyz/w.gif
Targets
-
-
Target
document-1956611471.xls
-
Size
139KB
-
MD5
5cdbc425fccbee5776ea3a8a2aa48191
-
SHA1
e08f9e6ceb6a7057de944ebfc2fe5f8f4dabb32c
-
SHA256
1a8549a798e6817db02ef32a2d889ba33c30bf30c4dd17d894687c9be7cac5d0
-
SHA512
e79b18d6bb8665b86205a18579ea38f4d58b22fbba8a042ca37eebb2fdc532cc40a53a87f6d5a74be565854fbfb5a2aca50f3412a46d75032d9c7c48ce123948
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-