General
-
Target
Documents_81467476_1764870999.xlsb
-
Size
97KB
-
Sample
210513-hddyvba4ss
-
MD5
0ea288a45a3eecdd3359ba0957e59682
-
SHA1
df065bea81f19d5a312db8942b59f4c36a2c00c9
-
SHA256
a43422fe87609697062b9409205023a8b4f14aceb684c2c6acd0097294d54eea
-
SHA512
754255207ab70511eb1f888b6ea2a40dbde5ca7a4148d5741f822995566d3400a223913726c0307feb4115c1f57635da8592c439ab8501c804890ce78b6610e9
Malware Config
Extracted
https://mastercarebath.com/wp-netmon.dll
Targets
-
-
Target
Documents_81467476_1764870999.xlsb
-
Size
97KB
-
MD5
0ea288a45a3eecdd3359ba0957e59682
-
SHA1
df065bea81f19d5a312db8942b59f4c36a2c00c9
-
SHA256
a43422fe87609697062b9409205023a8b4f14aceb684c2c6acd0097294d54eea
-
SHA512
754255207ab70511eb1f888b6ea2a40dbde5ca7a4148d5741f822995566d3400a223913726c0307feb4115c1f57635da8592c439ab8501c804890ce78b6610e9
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-