General
-
Target
CompensationClaim_172261928_03152021.xls
-
Size
233KB
-
Sample
210315-l99r1drl7x
-
MD5
632c4d92e87e694a6268db1817611c5c
-
SHA1
e8348d9ba173c7f5a4dbe33ea86459eb0f9af10c
-
SHA256
2baf563da8db9e2ed765fa7697025d277d06ee53424f6513671f2f6b7441387b
-
SHA512
c5266f654e58094cdcfff9390f13bb9361294a72c8eac386db49f82b8f9f0d985f2e920e4cf59dbf7cc6d274b5a46c26c4fdc540e5d33fc502442e728f6c4ff0
Behavioral task
behavioral1
Sample
CompensationClaim_172261928_03152021.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
CompensationClaim_172261928_03152021.xls
Resource
win10v20201028
Malware Config
Extracted
http://188.127.254.114/44270.7574876157.dat
http://185.82.219.160/44270.7574876157.dat
http://45.140.146.34/44270.7574876157.dat
Targets
-
-
Target
CompensationClaim_172261928_03152021.xls
-
Size
233KB
-
MD5
632c4d92e87e694a6268db1817611c5c
-
SHA1
e8348d9ba173c7f5a4dbe33ea86459eb0f9af10c
-
SHA256
2baf563da8db9e2ed765fa7697025d277d06ee53424f6513671f2f6b7441387b
-
SHA512
c5266f654e58094cdcfff9390f13bb9361294a72c8eac386db49f82b8f9f0d985f2e920e4cf59dbf7cc6d274b5a46c26c4fdc540e5d33fc502442e728f6c4ff0
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-