General
-
Target
71255950620-05132021.xlsm
-
Size
197KB
-
Sample
210513-jn8r3b64as
-
MD5
6ec18db28bdee35b42375cbca2c2c28f
-
SHA1
7f1a49ff3784933cf4d2169079ffa222836632e9
-
SHA256
d67d14ef44742b1df9a1740ece5512f367aa88ffccdfa9316a70fd49fd9fbef3
-
SHA512
20e87fd88563eabc508761a0e80c0cb319111a7c73a14bc3787fd2cacbb733dbe2bbd528871aaf54a0f1ecc35eb82fcd4647ccc9d9347a4ccccac73c0a08edc9
Behavioral task
behavioral1
Sample
71255950620-05132021.xlsm
Resource
win7v20210410
Behavioral task
behavioral2
Sample
71255950620-05132021.xlsm
Resource
win10v20210408
Malware Config
Extracted
http://91.211.91.85/44329.633469213.dat
http://190.14.37.65/44329.633469213.dat
http://185.14.29.217/44329.633469213.dat
Targets
-
-
Target
71255950620-05132021.xlsm
-
Size
197KB
-
MD5
6ec18db28bdee35b42375cbca2c2c28f
-
SHA1
7f1a49ff3784933cf4d2169079ffa222836632e9
-
SHA256
d67d14ef44742b1df9a1740ece5512f367aa88ffccdfa9316a70fd49fd9fbef3
-
SHA512
20e87fd88563eabc508761a0e80c0cb319111a7c73a14bc3787fd2cacbb733dbe2bbd528871aaf54a0f1ecc35eb82fcd4647ccc9d9347a4ccccac73c0a08edc9
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-