General
-
Target
subscription_1617291613.xlsb.zip
-
Size
207KB
-
Sample
210714-9bnh3lw4zs
-
MD5
a69c11179b961aa7321ea00104bb3277
-
SHA1
bd79056056463667ba73121c1d85ad0d1b06cb98
-
SHA256
42194301fff8d304d7136f5151b1f5262246096a9d0ed3e24fb64e6a1b7ee118
-
SHA512
f8d5bcb98760b5f3bf14c4c4613327c24626ed672bb65c11985af90fe4759dc02b03ad162b133dfe394c99945a12c7d59b8fc53d489c1a94e09765d13b73b89b
Behavioral task
behavioral1
Sample
subscription_1617291613.xlsb
Resource
win7v20210408
Malware Config
Extracted
Targets
-
-
Target
subscription_1617291613.xlsb
-
Size
228KB
-
MD5
8a3364bafa63166394862068b05f5469
-
SHA1
b039cb7a479cf118d53c61e113ad74015caadd22
-
SHA256
3d0b681046147d8008b70bab97c41e3a21a283559874ac2ce0c518b6965312da
-
SHA512
27c70c7fd278222a17112c0e3deb16a84f36f080a6fd933d51c4cc73392654414991ae0ba99e9760008c40a865572380c03a3b3af9297cb1a3678c630ca18111
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Nloader Payload
-
Loads dropped DLL
-