General
-
Target
document-1234094685.xlsm_C6E30F8F22BD9353C382AF5600DA8D38.zip
-
Size
71KB
-
Sample
210915-jlxz6aabc4
-
MD5
73544aa6b20d924f0f2985e867b6260c
-
SHA1
63ef1ee1b0fab005e7d47953b780668909d987b2
-
SHA256
eb99e9650328d5065fc988c71d1a92aa5417a25608eb5df0d8b2a974df23b613
-
SHA512
6615473e5c069120483a98f236c196f1fd286042e97a9dc533dcea50a0ca7e24e366aaee4fd3882096cf3052db1e262d6eaaef704a9894b7a93da91a0ef848a9
Behavioral task
behavioral1
Sample
document-1234094685.xlsm
Resource
win7-en
Behavioral task
behavioral2
Sample
document-1234094685.xlsm
Resource
win10v20210408
Malware Config
Extracted
http://rcwj22jxyvt03swnlt.xyz/grays.gif
Targets
-
-
Target
document-1234094685.xlsm
-
Size
81KB
-
MD5
c6e30f8f22bd9353c382af5600da8d38
-
SHA1
72227aab4820c4a56dfbd792a09935c5fbe4667a
-
SHA256
7473478f6e6d7192b8d42b89b81a9d85386754861dce79f4688390b3400555c8
-
SHA512
a42951d343cd71bb80f07eacce1eb0efcd118226c60464487d23fd2bbde7987aeb900fe021dea74f72e1e9c55efcc863310abce44fbfd1a7f71887aa78a940d5
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-