General
-
Target
Cu1QR2z38E4W2NgQHfqV.xlsm
-
Size
86KB
-
Sample
210505-rcetwslzqn
-
MD5
e0cc41db104dd584ec0892a6d9272857
-
SHA1
6981c956a823237fdf70f7991c1e26e3f717c2bf
-
SHA256
7e2a11cecbc2923948aadee268e34f62c2d6e661986e52ae495358a24b64bcfe
-
SHA512
475edf003707a8146f986501598a16b97db8b5b2137a3ed2ac1188a90b311d70de7870d6aa0ffa60e2b60006091c1749a6cef733300f26385ab7a0f4ef8c07fd
Behavioral task
behavioral1
Sample
Cu1QR2z38E4W2NgQHfqV.xlsm
Resource
win7v20210410
Behavioral task
behavioral2
Sample
Cu1QR2z38E4W2NgQHfqV.xlsm
Resource
win10v20210410
Malware Config
Extracted
https://thersnyc.com/fxcS6exSJr0/04.html
https://justverify.online/ZKrubZZn5V/04.html
Targets
-
-
Target
Cu1QR2z38E4W2NgQHfqV.xlsm
-
Size
86KB
-
MD5
e0cc41db104dd584ec0892a6d9272857
-
SHA1
6981c956a823237fdf70f7991c1e26e3f717c2bf
-
SHA256
7e2a11cecbc2923948aadee268e34f62c2d6e661986e52ae495358a24b64bcfe
-
SHA512
475edf003707a8146f986501598a16b97db8b5b2137a3ed2ac1188a90b311d70de7870d6aa0ffa60e2b60006091c1749a6cef733300f26385ab7a0f4ef8c07fd
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-