General
-
Target
b1c94889b4e1b6b9888b923eb50558b305258cb8acb2fc7bf87c95f6fe313d6d
-
Size
160KB
-
Sample
210421-85p6kl9xpn
-
MD5
ccd24fe5cf3deb13ed67c5e0a5217084
-
SHA1
f911b43b48f17a978978376d5159916a6c07e9c3
-
SHA256
b1c94889b4e1b6b9888b923eb50558b305258cb8acb2fc7bf87c95f6fe313d6d
-
SHA512
d804f4809a18f2453c026ab58a95504671ba05d19968adc1e3496afab64e6a6ca5e9d5b57db41954ae94e1b397621da679d8c98346e2e4bf8b6bdd5f258d451a
Static task
static1
Behavioral task
behavioral1
Sample
b1c94889b4e1b6b9888b923eb50558b305258cb8acb2fc7bf87c95f6fe313d6d.xlsm
Resource
win7v20210410
Malware Config
Targets
-
-
Target
b1c94889b4e1b6b9888b923eb50558b305258cb8acb2fc7bf87c95f6fe313d6d
-
Size
160KB
-
MD5
ccd24fe5cf3deb13ed67c5e0a5217084
-
SHA1
f911b43b48f17a978978376d5159916a6c07e9c3
-
SHA256
b1c94889b4e1b6b9888b923eb50558b305258cb8acb2fc7bf87c95f6fe313d6d
-
SHA512
d804f4809a18f2453c026ab58a95504671ba05d19968adc1e3496afab64e6a6ca5e9d5b57db41954ae94e1b397621da679d8c98346e2e4bf8b6bdd5f258d451a
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Downloads MZ/PE file
-
Loads dropped DLL
-