General
-
Target
Invoice #2744.xlsm
-
Size
196KB
-
Sample
210421-rh3pheb412
-
MD5
bad9949e5f34dea3453014179e9f4705
-
SHA1
4593a7d5c39f17b357923a8ca450353e4267d305
-
SHA256
c0fb3410e2ddca4fff784a5aa09f4bc22d46db70a23f934ed69c42c8b98c9d36
-
SHA512
1090732f6f64d502e6531c26fcf7fb25b6323cb60cb36d9be3281312f66d36505727db08542885938e66c5a7f4106f5e90ef99a58318ef74a8dff4f27bf8c712
Static task
static1
Behavioral task
behavioral1
Sample
Invoice #2744.xlsm
Resource
win7v20210410
Malware Config
Targets
-
-
Target
Invoice #2744.xlsm
-
Size
196KB
-
MD5
bad9949e5f34dea3453014179e9f4705
-
SHA1
4593a7d5c39f17b357923a8ca450353e4267d305
-
SHA256
c0fb3410e2ddca4fff784a5aa09f4bc22d46db70a23f934ed69c42c8b98c9d36
-
SHA512
1090732f6f64d502e6531c26fcf7fb25b6323cb60cb36d9be3281312f66d36505727db08542885938e66c5a7f4106f5e90ef99a58318ef74a8dff4f27bf8c712
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Downloads MZ/PE file
-
Loads dropped DLL
-