General
-
Target
case_details-6944520.xlsm
-
Size
117KB
-
Sample
210720-dqbmj55nca
-
MD5
a6defb9f78196e1ea77c534207bdbd3a
-
SHA1
112f8b629e90f1496a1ad017711c429f54780fe8
-
SHA256
6baf865ab65913c374ee5bb4c765f7705f2a80d853d23d75e08810b5cf71d5a6
-
SHA512
b65aeb3f3097cae369621387b790be40a3cff2d30114e114098d03faa3828e63f4148040dc114d722ed0c83571717aa08e35e54016b5615dfb882cfd6453f541
Behavioral task
behavioral1
Sample
case_details-6944520.xlsm
Resource
win7v20210410
Behavioral task
behavioral2
Sample
case_details-6944520.xlsm
Resource
win10v20210408
Malware Config
Extracted
http://185.209.160.61/2.php
Targets
-
-
Target
case_details-6944520.xlsm
-
Size
117KB
-
MD5
a6defb9f78196e1ea77c534207bdbd3a
-
SHA1
112f8b629e90f1496a1ad017711c429f54780fe8
-
SHA256
6baf865ab65913c374ee5bb4c765f7705f2a80d853d23d75e08810b5cf71d5a6
-
SHA512
b65aeb3f3097cae369621387b790be40a3cff2d30114e114098d03faa3828e63f4148040dc114d722ed0c83571717aa08e35e54016b5615dfb882cfd6453f541
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-