General
-
Target
mal.xls
-
Size
273KB
-
Sample
210316-ratfxrnzza
-
MD5
c96139bf98423aaabcdf618081663a40
-
SHA1
f14629ec76888b6a4eb54e5d849a6f34058d7fea
-
SHA256
f4fc313fbfeafb3eb383097ff2c9f791cfb0f687a8488b8bc0923e9d693cdc4c
-
SHA512
50c67303f2a3278c0b656b55d8ea68e9d213f8b6549882d6d252e6a2e36bff87b11c4181eb7ad4ee0a32a27120e0aa023c57bb48af77f56694765d905c20bc51
Behavioral task
behavioral1
Sample
mal.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
mal.xls
Resource
win10v20201028
Malware Config
Extracted
https://sssolutionsllc.org/k.php
Targets
-
-
Target
mal.xls
-
Size
273KB
-
MD5
c96139bf98423aaabcdf618081663a40
-
SHA1
f14629ec76888b6a4eb54e5d849a6f34058d7fea
-
SHA256
f4fc313fbfeafb3eb383097ff2c9f791cfb0f687a8488b8bc0923e9d693cdc4c
-
SHA512
50c67303f2a3278c0b656b55d8ea68e9d213f8b6549882d6d252e6a2e36bff87b11c4181eb7ad4ee0a32a27120e0aa023c57bb48af77f56694765d905c20bc51
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-