General
-
Target
LL52387-01-899.xlsm
-
Size
184KB
-
Sample
210719-n24xdfcmmj
-
MD5
ae7f19049c14e3462f0bd1df4d09595a
-
SHA1
b4f4f45094812c1f487c1bb4dd36f3f2cc935a64
-
SHA256
d9a85077c2f620c37242f96b1d5a2096403517b2818b36e1446e1e7fcc8c0ee8
-
SHA512
e1d120aa77e9677019b34e466a82675a6e650022a252562ea780741eb470255173ac869ec9d72c9c5de87514453d1b924a92e4a098d160b87771792a6c2c4646
Behavioral task
behavioral1
Sample
LL52387-01-899.xlsm
Resource
win7v20210410
Behavioral task
behavioral2
Sample
LL52387-01-899.xlsm
Resource
win10v20210408
Malware Config
Extracted
http://fourstars.cyou/1.php
Targets
-
-
Target
LL52387-01-899.xlsm
-
Size
184KB
-
MD5
ae7f19049c14e3462f0bd1df4d09595a
-
SHA1
b4f4f45094812c1f487c1bb4dd36f3f2cc935a64
-
SHA256
d9a85077c2f620c37242f96b1d5a2096403517b2818b36e1446e1e7fcc8c0ee8
-
SHA512
e1d120aa77e9677019b34e466a82675a6e650022a252562ea780741eb470255173ac869ec9d72c9c5de87514453d1b924a92e4a098d160b87771792a6c2c4646
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-