General
-
Target
HR_Schedule-W1323819.xlsm
-
Size
185KB
-
Sample
210706-njpn1vrpyj
-
MD5
e67e33a694b7ff166b1015ed44efd271
-
SHA1
88210bea9926a8c64f8e44617f0b7c7a06bbc9f3
-
SHA256
76cfc12debf022cbec171aaf19a29b9c488432bbc7539bba3e4e0f37e1c4ef70
-
SHA512
e6124c6bb22a510f711741957813d1319b09eb80e0d371422778e929286ef10db7c4228f0af78587a1eb8a2e801bb5e6b56ee34d4a2b1ebcfad3f19b20ccc203
Behavioral task
behavioral1
Sample
HR_Schedule-W1323819.xlsm
Resource
win7v20210410
Malware Config
Extracted
http://thousandsyears.download/div/44376,8555986111.jpg
http://voopeople.fun/div/44376,8555986111.jpg
http://uppercilio.fun/div/44376,8555986111.jpg
Targets
-
-
Target
HR_Schedule-W1323819.xlsm
-
Size
185KB
-
MD5
e67e33a694b7ff166b1015ed44efd271
-
SHA1
88210bea9926a8c64f8e44617f0b7c7a06bbc9f3
-
SHA256
76cfc12debf022cbec171aaf19a29b9c488432bbc7539bba3e4e0f37e1c4ef70
-
SHA512
e6124c6bb22a510f711741957813d1319b09eb80e0d371422778e929286ef10db7c4228f0af78587a1eb8a2e801bb5e6b56ee34d4a2b1ebcfad3f19b20ccc203
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-