General
-
Target
cancel_sub_VCP1234567890123.xlsb
-
Size
123KB
-
Sample
210802-3asm5re99x
-
MD5
9e1ee4a42c381eabcf2cde38a1aae7c9
-
SHA1
015bb306d9e54001d433b3ac2e7212b864f54ae2
-
SHA256
fd71a2fcc0b5dd0fb0dbff257839b67749f2cadf30e2d3dae7f0e941d93d24d3
-
SHA512
d8955c76657c68542ebcd1fc0b14b69917976892a2005ff0fcace3754200d52c4557235e083b76f4115cc940281dbe77a8e390e8bd18fbe9d5cdb128191580ec
Behavioral task
behavioral1
Sample
cancel_sub_VCP1234567890123.xlsb
Resource
win7v20210410
Behavioral task
behavioral2
Sample
cancel_sub_VCP1234567890123.xlsb
Resource
win10v20210408
Malware Config
Extracted
Targets
-
-
Target
cancel_sub_VCP1234567890123.xlsb
-
Size
123KB
-
MD5
9e1ee4a42c381eabcf2cde38a1aae7c9
-
SHA1
015bb306d9e54001d433b3ac2e7212b864f54ae2
-
SHA256
fd71a2fcc0b5dd0fb0dbff257839b67749f2cadf30e2d3dae7f0e941d93d24d3
-
SHA512
d8955c76657c68542ebcd1fc0b14b69917976892a2005ff0fcace3754200d52c4557235e083b76f4115cc940281dbe77a8e390e8bd18fbe9d5cdb128191580ec
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Loads dropped DLL
-