General
-
Target
Item_positions_receipt_564965.xlsm
-
Size
83KB
-
Sample
210720-4agsstdyzx
-
MD5
69ffd7ea01a030733c49e5af499d2b09
-
SHA1
74f5eb89a00cc97ee00bc6d05e370c80c94828ee
-
SHA256
41b7544d4b5ccdda8eea4ac8a7d7204d157301e87a41756cddbf8b451699338c
-
SHA512
6696d25696de91bece383784553aca123e523fddaf4c512fc495d95130b023f23c2464ccc050d369c2819d5f5b0afe6ed43cb6667d2cf618390b9f44d871c621
Behavioral task
behavioral1
Sample
Item_positions_receipt_564965.xlsm
Resource
win7v20210410
Behavioral task
behavioral2
Sample
Item_positions_receipt_564965.xlsm
Resource
win10v20210408
Malware Config
Extracted
http://162.248.225.97/1.php
Targets
-
-
Target
Item_positions_receipt_564965.xlsm
-
Size
83KB
-
MD5
69ffd7ea01a030733c49e5af499d2b09
-
SHA1
74f5eb89a00cc97ee00bc6d05e370c80c94828ee
-
SHA256
41b7544d4b5ccdda8eea4ac8a7d7204d157301e87a41756cddbf8b451699338c
-
SHA512
6696d25696de91bece383784553aca123e523fddaf4c512fc495d95130b023f23c2464ccc050d369c2819d5f5b0afe6ed43cb6667d2cf618390b9f44d871c621
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-