General
-
Target
transaction_approval_031209511.xlsb
-
Size
61KB
-
Sample
210709-7tj7qfzkz2
-
MD5
a12ad7cc0adae78e14ae648b63e37699
-
SHA1
118ca4e4b3c7a747e06403b3dad87b69c1b38098
-
SHA256
4a5899e9b2a6e4618465d57b162cad20662e6611ea6548beeebc4084341105ef
-
SHA512
40ca40f7f0ccefb27824119d551b668d5cfe5639d0ed6649451a7af343c7945cb14a0935c7cc5463bdd9f817ea5931a1c386ab4668c9e7880785ff02f33d86c7
Behavioral task
behavioral1
Sample
transaction_approval_031209511.xlsb
Resource
win7v20210408
Behavioral task
behavioral2
Sample
transaction_approval_031209511.xlsb
Resource
win10v20210410
Malware Config
Extracted
http://185.180.199.125/s1.dll
Targets
-
-
Target
transaction_approval_031209511.xlsb
-
Size
61KB
-
MD5
a12ad7cc0adae78e14ae648b63e37699
-
SHA1
118ca4e4b3c7a747e06403b3dad87b69c1b38098
-
SHA256
4a5899e9b2a6e4618465d57b162cad20662e6611ea6548beeebc4084341105ef
-
SHA512
40ca40f7f0ccefb27824119d551b668d5cfe5639d0ed6649451a7af343c7945cb14a0935c7cc5463bdd9f817ea5931a1c386ab4668c9e7880785ff02f33d86c7
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-