General
-
Target
attiv_750.xlsb
-
Size
84KB
-
Sample
210316-1y3c37zz36
-
MD5
5c380aada43584cb942a3f3c982420e7
-
SHA1
d22c914eb360933f3d51ca3da01178140fecf9e3
-
SHA256
5499a5b9e59cb76f0ff61083dbc75b554bbefa22e886d192bc5d07025e1add51
-
SHA512
662e6aaa7ab4912ddc44da2de4c2fe27bd60aefc9b3880a773cb7e8bd64217cc95ec8e347a1c3b24e75bfe0f6b68ca25c5fb08c3b3e2447f32f446f3b9dec4dd
Behavioral task
behavioral1
Sample
attiv_750.xlsb
Resource
win7v20201028
Behavioral task
behavioral2
Sample
attiv_750.xlsb
Resource
win10v20201028
Malware Config
Extracted
http://periodiche.casa/signup.jpg
Targets
-
-
Target
attiv_750.xlsb
-
Size
84KB
-
MD5
5c380aada43584cb942a3f3c982420e7
-
SHA1
d22c914eb360933f3d51ca3da01178140fecf9e3
-
SHA256
5499a5b9e59cb76f0ff61083dbc75b554bbefa22e886d192bc5d07025e1add51
-
SHA512
662e6aaa7ab4912ddc44da2de4c2fe27bd60aefc9b3880a773cb7e8bd64217cc95ec8e347a1c3b24e75bfe0f6b68ca25c5fb08c3b3e2447f32f446f3b9dec4dd
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-