General
-
Target
Invoice #082894.xlsm
-
Size
144KB
-
Sample
210421-46fl2lnm4e
-
MD5
bac2de1101512db86000531344b6d013
-
SHA1
df394bd1f1c7545e1c0219874a8829fc41616038
-
SHA256
4523dad42f520709715aa9d100c4eefca1cfee6a93302323e87937f650228a43
-
SHA512
447a02bbe55934d57e5e74091b0063e36bf7adfe04fb14b7ce40e5d8633aee003101d107ee8284ad2282990153e089f8843006222ece60f5ec5f1e8487023e0c
Static task
static1
Behavioral task
behavioral1
Sample
Invoice #082894.xlsm
Resource
win7v20210410
Malware Config
Targets
-
-
Target
Invoice #082894.xlsm
-
Size
144KB
-
MD5
bac2de1101512db86000531344b6d013
-
SHA1
df394bd1f1c7545e1c0219874a8829fc41616038
-
SHA256
4523dad42f520709715aa9d100c4eefca1cfee6a93302323e87937f650228a43
-
SHA512
447a02bbe55934d57e5e74091b0063e36bf7adfe04fb14b7ce40e5d8633aee003101d107ee8284ad2282990153e089f8843006222ece60f5ec5f1e8487023e0c
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Loads dropped DLL
-