Extracted

• • Target

    B06CO4I2G0u642m5Gi6R.xlsb

  • Size

    327KB

  • MD5

    11ae52bd9c6a338582892d1a0e565269

  • SHA1

    3b29f297c2abe8208da5071724db6361348d0d17

  • SHA256

    720ac949e6743c94b40a02c010489f57696122431ccd4d9ab7a3eee00b8f7a77

  • SHA512

    af8b710f2ef8b0edc2b97930cbc703bb08497c961b34357fb0b6895108de16e53d3fe936357cea2fc907c444256868ec71b5959c6bd933d60bb07053a094b4d7

  Score

  10^/10

  nloaderloaderupx

  • Nloader

    Simple loader that includes the keyword 'campo' in the URL used to download other families.

    loadernloader

  • Process spawned unexpected child process

    This typically indicates the parent process was compromised via an exploit or macro.

  • ACProtect 1.3x - 1.4x DLL software

    Detects file using ACProtect software.

  • Nloader Payload

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Loads dropped DLL

  behavioral1behavioral2