General
-
Target
Prepared_waybill_documentation_9430202.xlsm
-
Size
83KB
-
Sample
210720-d78sdt32b2
-
MD5
941e89e5d2f73e21c5cd9fc6a7e49ff1
-
SHA1
e9e93d2a450030774bd05a4313b427bf4405044d
-
SHA256
d4a8dc24262e181897d3caa84c00b1d138814c30aca11ebb15942c64be941a22
-
SHA512
5c778e3ab78eed8aa47c515fd89a472d9afe817dfe1613293fd1c9af89d6cf1502a1b1d63f01e16769b34b3d8474cbcd69f646d969f9c40835c6c23b28470f55
Malware Config
Extracted
http://162.248.225.97/1.php
Targets
-
-
Target
Prepared_waybill_documentation_9430202.xlsm
-
Size
83KB
-
MD5
941e89e5d2f73e21c5cd9fc6a7e49ff1
-
SHA1
e9e93d2a450030774bd05a4313b427bf4405044d
-
SHA256
d4a8dc24262e181897d3caa84c00b1d138814c30aca11ebb15942c64be941a22
-
SHA512
5c778e3ab78eed8aa47c515fd89a472d9afe817dfe1613293fd1c9af89d6cf1502a1b1d63f01e16769b34b3d8474cbcd69f646d969f9c40835c6c23b28470f55
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-