General
-
Target
Document-138395542.zip
-
Size
494KB
-
Sample
211021-1g1c6abgbm
-
MD5
4f07628744993a4c51bf11d0b5a3a6af
-
SHA1
6e9109d98d5c0fbf4dd9e30565996f07321208a7
-
SHA256
53f380eea2b27b0934c695591a9038372edd73562be1ee4008a7ac6b83d0d9b2
-
SHA512
1e3ef8fae948da188ca3677df42bd03a8f38596e4157fc62bff80a35845b2ae1cb11e78ba376bc6e2961d922b03e174556e0854cc8b1f3c24d1ecbe446b711d3
Static task
static1
Behavioral task
behavioral1
Sample
Document-138395542.xls
Resource
win7-en-20211014
Behavioral task
behavioral2
Sample
Document-138395542.xls
Resource
win10-en-20210920
Malware Config
Extracted
http://190.14.37.244/44490.9823697917.dat
http://194.36.191.35/44490.9823697917.dat
http://178.23.190.8/44490.9823697917.dat
Extracted
http://190.14.37.244/44490.9015596065.dat
http://194.36.191.35/44490.9015596065.dat
http://178.23.190.8/44490.9015596065.dat
Targets
-
-
Target
Document-138395542.xls
-
Size
537KB
-
MD5
88d4946e37afc60d707b8182f050a2df
-
SHA1
afe97738f786f99a077cf535c1e3770e05b56887
-
SHA256
ab30095a5e8e8df5537d543ce27fc11ad889e5949a107816759f7aa6dae1903f
-
SHA512
bcf903ee7907ecdbf57e65f87ffb696ed1fa49bfba41d6a8253f89441a9d5494bdde9e17076f7d77bee38da74f1cd02bbc548f12aa54874802f963c84b993d2f
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-