General
Target
QegkD76apDUdkgmDSSbB.xlsm
Size
144KB
Sample
211021-p5qcbaacg3
MD5
31a6c161407e0e1c22ba4c8cc7922dbd
SHA1
68d27dbce6639d2360d24f3cfbd48e3f03a8c26a
SHA256
c6971112e20b441f60617be0343ced897ef21ba2b298f282bbb547248c4360b3
SHA512
035c4fe21e7153e13a3d5cf6013bb99e5a23ea7ca46693d8a1b6db72023d0d46fa20167da20d52ed38500ef97fe64eb42b0faa829ee5150e75484db8bbd8718d
Static task
static1
Behavioral task
behavioral1
Sample
QegkD76apDUdkgmDSSbB.xlsm
Resource
win7-en-20211014
Behavioral task
behavioral2
Sample
QegkD76apDUdkgmDSSbB.xlsm
Resource
win10-en-20210920
Malware Config
Extracted
http://3.64.251.139/vr/r/QegkD76apDUdkgmDSSbB.exe
Targets
Target
QegkD76apDUdkgmDSSbB.xlsm
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Deletes itself