General
-
Target
sp1.xls
-
Size
38KB
-
Sample
210510-glscbptve6
-
MD5
db0688f5d2319ec6af692010bfb28ffd
-
SHA1
39c0869d8aff33c21bd1b9730f01c7f48744c295
-
SHA256
35880c5210af5dca3edc22a693ab5f0cfcec0105cec988d930ab29fe09bd3461
-
SHA512
243675edb67e9680c0ba2aeedc31227120c27bde6048a73f1baff37cf611c1e723d53f9eba170a4ba23a493cb09f04be3fa97e56bf8a8fc13c1aca646bac68d6
Behavioral task
behavioral1
Sample
sp1.xls
Resource
win7v20210410
Behavioral task
behavioral2
Sample
sp1.xls
Resource
win10v20210410
Malware Config
Targets
-
-
Target
sp1.xls
-
Size
38KB
-
MD5
db0688f5d2319ec6af692010bfb28ffd
-
SHA1
39c0869d8aff33c21bd1b9730f01c7f48744c295
-
SHA256
35880c5210af5dca3edc22a693ab5f0cfcec0105cec988d930ab29fe09bd3461
-
SHA512
243675edb67e9680c0ba2aeedc31227120c27bde6048a73f1baff37cf611c1e723d53f9eba170a4ba23a493cb09f04be3fa97e56bf8a8fc13c1aca646bac68d6
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Use of msiexec (install) with remote resource
-