General
-
Target
document (52).zip
-
Size
42KB
-
Sample
210315-xwaxkhq452
-
MD5
fa3993a80f8b027e7bf18c0320cba404
-
SHA1
fec3736ade603ba840825a36ad1786ffafbf8299
-
SHA256
224ff5cdbea4d3540f7c8c32086a5bd5113923377508f002a77549cbd92f5c72
-
SHA512
b5ed290819f6ba80e8ffef2c438c3dff4ca7b578e7d26ba84a9555443397aa1532a0fada8af9ef412b17b9f6e6452a0da3863a31f42a3f07abb8e5042cc61f1b
Behavioral task
behavioral1
Sample
Documents457.xlsm
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Documents457.xlsm
Resource
win10v20201028
Malware Config
Extracted
http://xgka03stox03cloeqz.com/index.gif
Targets
-
-
Target
Documents457.xlsm
-
Size
57KB
-
MD5
9793c1a18272f2459fee69f8f914388f
-
SHA1
740aa60f77f9372bad6e533637ef9e812d1f9b44
-
SHA256
9ba472bd3fcd23bf1b820c9f35e33fd64c334c2e3b7189bf77bc0c080c449e56
-
SHA512
4fd053e65f414f20c3ef3f53169968f0766f63dea462b373b682734c32309a128a975609c636d7cf42350319d88e1c15c77f98041b25d9c65eb077560022edfa
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-