General
-
Target
PRMS_822004851.zip
-
Size
89KB
-
Sample
211014-flkhaagafm
-
MD5
d1900635575b55cec4bd6d65f76933a3
-
SHA1
d581aabf5e91d6b28fcaac1ea0f4f00407626d18
-
SHA256
aab608f07f33eb9a5c6e673b32cfdccaf8034842dd607b51f9ddc3556be04fc0
-
SHA512
149b9ae4175b6e751d0aebaf520f114489fea19adc67f5c2922c8b88b6ccae09df850acf96aca114d5c533345b192365a485113d784b26bd67aa54e40bc7171c
Static task
static1
Behavioral task
behavioral1
Sample
PRMS_822004851.xls
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
PRMS_822004851.xls
Resource
win10v20210408
Malware Config
Extracted
http://190.14.37.220/44483.2073674769.dat
http://23.106.125.233/44483.2073674769.dat
http://178.23.190.199/44483.2073674769.dat
Targets
-
-
Target
PRMS_822004851.xls
-
Size
134KB
-
MD5
0fabeef31b401b43f6dad8a373d55d4a
-
SHA1
f42f36c2fbf269bba7db101991e1a5be2c185b64
-
SHA256
4ff4e135e3c8f23427763b635c0b38e3d7a4957e8ded530bbc1ded32c156c4c4
-
SHA512
69ee8d329595ae8630543a9cc4ecc82e1152b9816db02df8b2794fb786b0992f4d52250dfb9f56b93f6cbdbdc7068433dbbc45869bcd86aab1a0b02e5a1dbc85
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-