General
-
Target
71815855671-05132021.xlsm
-
Size
197KB
-
Sample
210513-yky9vy2tre
-
MD5
c8659d5bb1b8ab3578746ea3b8d8b31d
-
SHA1
058c64dda6067f2c1f87140c4b4e3a690e846db8
-
SHA256
372791846d41e285c04c6cf752f7a7644bd77b781f78c465f031369802e2bf19
-
SHA512
89478fc5dc06c2952a923047bb5d26d87e8b3b94dc8880448175f4f3e2b4995c5379cf9d45e99cb04329fd4cd08260b0d2914b3312e2bf2817b2f3cdd311d104
Behavioral task
behavioral1
Sample
71815855671-05132021.xlsm
Resource
win7v20210408
Behavioral task
behavioral2
Sample
71815855671-05132021.xlsm
Resource
win10v20210408
Malware Config
Extracted
http://91.211.91.85/44329.713296875.dat
http://190.14.37.65/44329.713296875.dat
http://185.14.29.217/44329.713296875.dat
Targets
-
-
Target
71815855671-05132021.xlsm
-
Size
197KB
-
MD5
c8659d5bb1b8ab3578746ea3b8d8b31d
-
SHA1
058c64dda6067f2c1f87140c4b4e3a690e846db8
-
SHA256
372791846d41e285c04c6cf752f7a7644bd77b781f78c465f031369802e2bf19
-
SHA512
89478fc5dc06c2952a923047bb5d26d87e8b3b94dc8880448175f4f3e2b4995c5379cf9d45e99cb04329fd4cd08260b0d2914b3312e2bf2817b2f3cdd311d104
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-