General
-
Target
Invoice_41292673.xlsm
-
Size
72KB
-
Sample
210727-e7ae581r6x
-
MD5
50269b5e8f60e3847888544e68368f3c
-
SHA1
3b8d2e2087d1936a6dd08013ef1c8a344dbc3515
-
SHA256
40b5ae97c036d45073b6edfcabbd4f5fe1a577d2e21f57282c09ebe2d32b7492
-
SHA512
ed2731137742827c315b2447072a40c5e0970b790397a8e43bbb5c94a4739fadd41046965b268ce2a390a9b2d2a95304df461dd8ea890a99d1613b698d3fa747
Static task
static1
Behavioral task
behavioral1
Sample
Invoice_41292673.xlsm
Resource
win7v20210408
Behavioral task
behavioral2
Sample
Invoice_41292673.xlsm
Resource
win10v20210410
Malware Config
Targets
-
-
Target
Invoice_41292673.xlsm
-
Size
72KB
-
MD5
50269b5e8f60e3847888544e68368f3c
-
SHA1
3b8d2e2087d1936a6dd08013ef1c8a344dbc3515
-
SHA256
40b5ae97c036d45073b6edfcabbd4f5fe1a577d2e21f57282c09ebe2d32b7492
-
SHA512
ed2731137742827c315b2447072a40c5e0970b790397a8e43bbb5c94a4739fadd41046965b268ce2a390a9b2d2a95304df461dd8ea890a99d1613b698d3fa747
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-