General
-
Target
Payment Advice_00152021.xls
-
Size
232KB
-
Sample
210511-k6qshjbw1a
-
MD5
20af1905935afccb0f520bf165eec2f8
-
SHA1
5c3c15e2cc26401aaa0c4ca13b66423ab91002e6
-
SHA256
8837feb2649d365d8eee6f63c53585625f56ee7439d0cf6502e686215ac21b99
-
SHA512
b5a711b7db8effc1aa5e72a6d03188ffb88981f7e964b94007ae663afe6c969686f3c669939d5475e3ae5e2ec512bfbc37722d26108c23296e19541638e18c2b
Static task
static1
Behavioral task
behavioral1
Sample
Payment Advice_00152021.xls
Resource
win7v20210408
Behavioral task
behavioral2
Sample
Payment Advice_00152021.xls
Resource
win10v20210408
Malware Config
Targets
-
-
Target
Payment Advice_00152021.xls
-
Size
232KB
-
MD5
20af1905935afccb0f520bf165eec2f8
-
SHA1
5c3c15e2cc26401aaa0c4ca13b66423ab91002e6
-
SHA256
8837feb2649d365d8eee6f63c53585625f56ee7439d0cf6502e686215ac21b99
-
SHA512
b5a711b7db8effc1aa5e72a6d03188ffb88981f7e964b94007ae663afe6c969686f3c669939d5475e3ae5e2ec512bfbc37722d26108c23296e19541638e18c2b
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Adds Run key to start application
-