General
-
Target
6306148261199872.zip
-
Size
71KB
-
Sample
210724-rfb1eylane
-
MD5
0ba6fae97f4b4e39c748f5e61ad70a8b
-
SHA1
9d76eec3dc7961f832e597586e54639fb4eb5b46
-
SHA256
7243cdac9f116075a2b25d45c319825feecee1e851744811dcf6a6cd50acc262
-
SHA512
d9eb2c9d4c0dc220eae33fc49456e99949e74b431c5cff0efed3f7e14572579ff3508cacbb3ccdb97ddb09dd6c2c860fcca7e813e948b4830cf15ac248dcdbe3
Behavioral task
behavioral1
Sample
6cb9eff2c03a7064a655a6117cb62d4bf8694a6fab10588cac60b0781d60ca4d.xlsm
Resource
win7v20210410
Behavioral task
behavioral2
Sample
6cb9eff2c03a7064a655a6117cb62d4bf8694a6fab10588cac60b0781d60ca4d.xlsm
Resource
win10v20210408
Malware Config
Extracted
http://162.248.227.39/first.php
Targets
-
Target
6cb9eff2c03a7064a655a6117cb62d4bf8694a6fab10588cac60b0781d60ca4d
-
Size
85KB
-
MD5
e05574d2a2b00fc7b9862ad631ce3315
-
SHA1
b55f7933231453358bd4e0a033a8030595412b60
-
SHA256
6cb9eff2c03a7064a655a6117cb62d4bf8694a6fab10588cac60b0781d60ca4d
-
SHA512
065d815ac37c355098345392f4ffe1793317e6cd55640f05229c2f1211b9a0dd0941844e7234a27986f8b6a48cb8de1aa883440c23be91450f6b1da9cb9c1468
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.