General
-
Target
file
-
Size
201KB
-
Sample
211015-sscr8sbggm
-
MD5
0d2c5f0394eafbb88bddb3a758ccf758
-
SHA1
e2dc6084fd8ff0e480337a53bc7524573fe100d0
-
SHA256
16821be1fa2994d90e1fae9dd30d760652a0fdcd402159f79d94902aa7f58ab2
-
SHA512
ac1ce30ab842a116dd319118ca62cdd9b8c886fe0611638afee98b081d74aa0dcac75228bcaa7eb1a79a339aa4a0e514d97efecbeda788dd58ad0116b0cadba5
Behavioral task
behavioral1
Sample
4a8d3e1f28dcddd8177e378b14b49dc0e23dad9772931f6616ce64ad17585fa7.xlsm
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
4a8d3e1f28dcddd8177e378b14b49dc0e23dad9772931f6616ce64ad17585fa7.xlsm
Resource
win10-en-20211014
Malware Config
Targets
-
-
Target
4a8d3e1f28dcddd8177e378b14b49dc0e23dad9772931f6616ce64ad17585fa7.xlsm
-
Size
240KB
-
MD5
f2bec56e09883a139201183f00f400a4
-
SHA1
6183a3935e2552484f53f74a6d340f8f451fe0b7
-
SHA256
4a8d3e1f28dcddd8177e378b14b49dc0e23dad9772931f6616ce64ad17585fa7
-
SHA512
d7b871c1cbe9e7726457897e54068c1e801b552292a960822a60aacbdb5c4aec2129bc698ef8ff42741b76be3f56ebfed234718b763226f1b6e2efd6fa6a6121
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-