General
-
Target
attiv_1717.xlsb
-
Size
85KB
-
Sample
210316-t45sh8h6ws
-
MD5
e0478696c5fd0f601eebb3783cc470dc
-
SHA1
f95d0ca9719a54e40ff9ec07ec75561ccf0626cc
-
SHA256
a0ee31f222f7b6b4967878a34cd525ff2ad33a817d0d8aeb0064562cdb568fd6
-
SHA512
408a716c178c674fd22951b6cab74f2a1f6e51735f60bccfc811a9b745ebfc142bebebb75bb6a4611b92ccdb5695d0fb26a20f29fefd607d32396cc988eea222
Malware Config
Extracted
http://periodiche.casa/signup.jpg
Targets
-
-
Target
attiv_1717.xlsb
-
Size
85KB
-
MD5
e0478696c5fd0f601eebb3783cc470dc
-
SHA1
f95d0ca9719a54e40ff9ec07ec75561ccf0626cc
-
SHA256
a0ee31f222f7b6b4967878a34cd525ff2ad33a817d0d8aeb0064562cdb568fd6
-
SHA512
408a716c178c674fd22951b6cab74f2a1f6e51735f60bccfc811a9b745ebfc142bebebb75bb6a4611b92ccdb5695d0fb26a20f29fefd607d32396cc988eea222
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-