General
-
Target
document-969376331.xls
-
Size
139KB
-
Sample
210315-xrk9yptlan
-
MD5
e445762a289ffecb75616573a6710acc
-
SHA1
55d31ed14d453429de25e15c0d53fa280a13887c
-
SHA256
031c394fa9cd4361106ccd7c353cddbeb40fc02610aa9933bda9861ab63f8fc3
-
SHA512
de2f9cdc88c3b1363c94f652e4e63324142e88bbf393d78d918a62ac2062f6b993f20f68b9228910cf705b86c0f45c9f8657ee6a3517b61c7325c342f1c62b40
Malware Config
Extracted
http://zltw15tzezi03nbmru.xyz/w.gif
Targets
-
-
Target
document-969376331.xls
-
Size
139KB
-
MD5
e445762a289ffecb75616573a6710acc
-
SHA1
55d31ed14d453429de25e15c0d53fa280a13887c
-
SHA256
031c394fa9cd4361106ccd7c353cddbeb40fc02610aa9933bda9861ab63f8fc3
-
SHA512
de2f9cdc88c3b1363c94f652e4e63324142e88bbf393d78d918a62ac2062f6b993f20f68b9228910cf705b86c0f45c9f8657ee6a3517b61c7325c342f1c62b40
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-