General
-
Target
19QC-439850.xlsm
-
Size
184KB
-
Sample
210719-q422ea4wtx
-
MD5
d38cdbc95726b6c6a6525d252c9666a6
-
SHA1
723db655e25e4add7fbf193da27f00d4976c620c
-
SHA256
45c86e476165f51397d864cb46a8897f340ef5becd5576c6561d25dcc3a03140
-
SHA512
98443e9ca42dfeec7b428a0cc5fbe4e16742444ae80f13e149f8dbbb071625e81be6269f35a29c8609ffbeca6117107daa7c5ba3d18d619230ba3015daa37cb6
Behavioral task
behavioral1
Sample
19QC-439850.xlsm
Resource
win7v20210410
Behavioral task
behavioral2
Sample
19QC-439850.xlsm
Resource
win10v20210408
Malware Config
Extracted
http://fourstars.cyou/1.php
Targets
-
-
Target
19QC-439850.xlsm
-
Size
184KB
-
MD5
d38cdbc95726b6c6a6525d252c9666a6
-
SHA1
723db655e25e4add7fbf193da27f00d4976c620c
-
SHA256
45c86e476165f51397d864cb46a8897f340ef5becd5576c6561d25dcc3a03140
-
SHA512
98443e9ca42dfeec7b428a0cc5fbe4e16742444ae80f13e149f8dbbb071625e81be6269f35a29c8609ffbeca6117107daa7c5ba3d18d619230ba3015daa37cb6
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-