General
-
Target
document-1451616459.xls
-
Size
138KB
-
Sample
210315-ve9ehfhwlx
-
MD5
08d201c4489b47be625a3a230640dc20
-
SHA1
3f5264afa4b50968224a4c5a9e3d8a27a7fbb77b
-
SHA256
01c0663e41e4673d1609d753a854b37d53c4c9d533dad979ed86dcb26b82a4b2
-
SHA512
f65b65e640b8b2aec289dc38c8c96b251ae552c40743638b381ad676a0e36928fd9501328d1bf457025d3234df3793b9ac1eee41db0e4346e2eddaab7a555706
Behavioral task
behavioral1
Sample
document-1451616459.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-1451616459.xls
Resource
win10v20201028
Malware Config
Extracted
http://nvelj12qyyfi03kqxy.xyz/i.gif
Targets
-
-
Target
document-1451616459.xls
-
Size
138KB
-
MD5
08d201c4489b47be625a3a230640dc20
-
SHA1
3f5264afa4b50968224a4c5a9e3d8a27a7fbb77b
-
SHA256
01c0663e41e4673d1609d753a854b37d53c4c9d533dad979ed86dcb26b82a4b2
-
SHA512
f65b65e640b8b2aec289dc38c8c96b251ae552c40743638b381ad676a0e36928fd9501328d1bf457025d3234df3793b9ac1eee41db0e4346e2eddaab7a555706
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-