Extracted

• • Target

    test.xlsb

  • Size

    254KB

  • MD5

    dc37192b5c4c8c4f94c73c18ce5e3829

  • SHA1

    0aa6bb11a11dade2269d90b2781ed0a517362012

  • SHA256

    db53f42e13d2685bd34dbc5c79fad637c9344e72e210ca05504420874e98c2a6

  • SHA512

    3e8b179d8521fb33a46eeeca74bbda7a4e8a32f47b6195b17d62664dd2e31716261a61a495857ed08dbbc001a9eab8adec7133921179eb3df66c53e18c586d9a

  Score

  10^/10

  nloaderloader

  • Nloader

    Simple loader that includes the keyword 'campo' in the URL used to download other families.

    loadernloader

  • Process spawned unexpected child process

    This typically indicates the parent process was compromised via an exploit or macro.

  • Nloader Payload

  • Loads dropped DLL

  behavioral1