General
Target: Overdue-894289303-04212021.zip
Size: 324KB
Sample: 210421-kxbj4yhsaj
MD5: 0aab8e50d029d9aabff948935d93b944
SHA1: ea03769bbd867340def1550471520203bcd753af
SHA256: ace0dc3c4f94dda7a1fe753752d3bd350df3f4cc1370dc054c9f26cb5e3fca9d
SHA512: 28a3df816e3958959c1cf5f0c025bc51a691baf368c4ede1158f2cdd190460ffbad3937d6a1225a7fd322cce4aa936e62ad136806407c5b9b179312fb002af71
Behavioral task: behavioral1
Sample: Overdue-894289303-04212021.xlsm
Resource: win7v20210408
Behavioral task: behavioral2
Sample: Overdue-894289303-04212021.xlsm
Resource: win10v20210410
Malware Config
Extracted
http://193.203.202.55/44300,5396033565.dat
http://190.14.37.245/44300,5396033565.dat
http://194.67.214.216/44300,5396033565.dat
Targets
Target: Overdue-894289303-04212021.xlsm
Size: 328KB
MD5: 7125d3e4dc791d94ff80bdc13a65365c
SHA1: 4521f4db608f9ddd0cfaeb1d93d68d98456e0c71
SHA256: b4b7e4e8230f4c6d2cec3858fdb3006346132aef0810c1e957170b0470efa81f
SHA512: 663fe4ad28fd2c79c2da27d2635c6ea70f8d37277a455741b3c99f7c88f5c9c1e6a3666c61b575f7da3119e2d1e4b35f80fb3c0d348ba1e8b8c3878d295c8124
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.