General
-
Target
attiv_2417.xlsb
-
Size
68KB
-
Sample
210316-y1jbe746m6
-
MD5
5d9b2037e7a7c0f0a12a344cc7418a2a
-
SHA1
2e207c0a5b051817cbb6c3670f9b4ee300b0278b
-
SHA256
17d6e5840bdf7fd9a447c70388afd98dfe95a6e4818954010fa1b9917f2d2a8e
-
SHA512
f2098318e142fc4dcace1939defe7597d0d2d7ab7b8725f2407464f51f7efd81d3575632440af4fcd90c46bec7ae50463e7be66253c8e54eac472bbfcdc683db
Behavioral task
behavioral1
Sample
attiv_2417.xlsb
Resource
win7v20201028
Behavioral task
behavioral2
Sample
attiv_2417.xlsb
Resource
win10v20201028
Malware Config
Extracted
http://periodiche.casa/signup.jpg
Targets
-
-
Target
attiv_2417.xlsb
-
Size
68KB
-
MD5
5d9b2037e7a7c0f0a12a344cc7418a2a
-
SHA1
2e207c0a5b051817cbb6c3670f9b4ee300b0278b
-
SHA256
17d6e5840bdf7fd9a447c70388afd98dfe95a6e4818954010fa1b9917f2d2a8e
-
SHA512
f2098318e142fc4dcace1939defe7597d0d2d7ab7b8725f2407464f51f7efd81d3575632440af4fcd90c46bec7ae50463e7be66253c8e54eac472bbfcdc683db
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-