General
-
Target
Invoice- 0535254 Oil_Field_4568742.doc
-
Size
55KB
-
Sample
211014-j16wlsgfc5
-
MD5
e70320db1a53b3226e73d2b8124b2073
-
SHA1
119ac671f8030a7395030273931120b6e52b3d4d
-
SHA256
4821e3c96ac5b45216470c24fe904e41c6060e8b392ed6265807b4c59e6d39b1
-
SHA512
c964a9a959a224d938b8251b97fe3a31483d8eca5eeaa7886450e44d048ecc30c52331158865f33e14b03f03cc7ea236ae6f69b7760eb25bb414b829a59f8df6
Behavioral task
behavioral1
Sample
Invoice- 0535254 Oil_Field_4568742.doc
Resource
win7v20210408
Behavioral task
behavioral2
Sample
Invoice- 0535254 Oil_Field_4568742.doc
Resource
win10v20210408
Malware Config
Extracted
https://secure04sd.my03.com/a/oleApp13.exe
Targets
-
-
Target
Invoice- 0535254 Oil_Field_4568742.doc
-
Size
55KB
-
MD5
e70320db1a53b3226e73d2b8124b2073
-
SHA1
119ac671f8030a7395030273931120b6e52b3d4d
-
SHA256
4821e3c96ac5b45216470c24fe904e41c6060e8b392ed6265807b4c59e6d39b1
-
SHA512
c964a9a959a224d938b8251b97fe3a31483d8eca5eeaa7886450e44d048ecc30c52331158865f33e14b03f03cc7ea236ae6f69b7760eb25bb414b829a59f8df6
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-