General
-
Target
6379233548730368.zip
-
Size
49KB
-
Sample
210511-9jdlfglf2e
-
MD5
168f2d581332853ca46efd0d377bd976
-
SHA1
0a462328680cf1d37d138f28799903806991281a
-
SHA256
8ce437b22df609ef044e937d4fcb5b711d2d5af31e0ef919ba20851dfae9fa57
-
SHA512
9dabe4291e1f31fe956adaa573e255383ce02fc80dd50cea175c174cfb70d8e3a3cf7d68ec14e3d62aa42c885e0b90fe50e508c855084cd1f9723ad489293f23
Behavioral task
behavioral1
Sample
d5af0628161872a7715bbed443617e022d4d4275cf871c615a4a4a6021f4c79f.xlsm
Resource
win7v20210410
Behavioral task
behavioral2
Sample
d5af0628161872a7715bbed443617e022d4d4275cf871c615a4a4a6021f4c79f.xlsm
Resource
win10v20210408
Malware Config
Targets
-
-
Target
d5af0628161872a7715bbed443617e022d4d4275cf871c615a4a4a6021f4c79f
-
Size
85KB
-
MD5
7a45941305a7b20939257f9fdd30f39d
-
SHA1
d689973704061d25b928229352db2a5394c2f52c
-
SHA256
d5af0628161872a7715bbed443617e022d4d4275cf871c615a4a4a6021f4c79f
-
SHA512
45d3ff42e59db13969adf069dbb7017ba5b349377dadcc18ac445f9aff0561a15cc3b54ab83818e64f175b9ca2ab7548d6a9059aaffa7ed0ddf62aa99cafd10e
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-