General
Target: Overdue-894289303-04212021.xlsm
Size: 328KB
Sample: 210421-gbdn8vseje
MD5: 7125d3e4dc791d94ff80bdc13a65365c
SHA1: 4521f4db608f9ddd0cfaeb1d93d68d98456e0c71
SHA256: b4b7e4e8230f4c6d2cec3858fdb3006346132aef0810c1e957170b0470efa81f
SHA512: 663fe4ad28fd2c79c2da27d2635c6ea70f8d37277a455741b3c99f7c88f5c9c1e6a3666c61b575f7da3119e2d1e4b35f80fb3c0d348ba1e8b8c3878d295c8124
Behavioral task: behavioral1
Sample: Overdue-894289303-04212021.xlsm
Resource: win7v20210408
Behavioral task: behavioral2
Sample: Overdue-894289303-04212021.xlsm
Resource: win10v20210408
Malware Config
Extracted
http://193.203.202.55/44300,5396033565.dat
http://190.14.37.245/44300,5396033565.dat
http://194.67.214.216/44300,5396033565.dat
Targets
Target: Overdue-894289303-04212021.xlsm
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.