General
-
Target
eRYlaSz.xlsm
-
Size
146KB
-
Sample
211025-ebnarageaq
-
MD5
a05a533e36ce44fa5d75c09d5c62f9a0
-
SHA1
9dca548272f928f3cc187fd611405a567612c032
-
SHA256
b85646a3a0061554fb664cf67b88485fc981c0fe8cda1e592e3730d8f61ca10b
-
SHA512
a4bf707411dc114f25258c9de9e2e75779245609b8867cf60097138df1e2252e88441eb22564b78ad374677e5ab698b8c2204c916b4bee20ef79e50871eadf50
Behavioral task
behavioral1
Sample
eRYlaSz.xlsm
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
eRYlaSz.xlsm
Resource
win10-en-20210920
Malware Config
Targets
-
-
Target
eRYlaSz.xlsm
-
Size
146KB
-
MD5
a05a533e36ce44fa5d75c09d5c62f9a0
-
SHA1
9dca548272f928f3cc187fd611405a567612c032
-
SHA256
b85646a3a0061554fb664cf67b88485fc981c0fe8cda1e592e3730d8f61ca10b
-
SHA512
a4bf707411dc114f25258c9de9e2e75779245609b8867cf60097138df1e2252e88441eb22564b78ad374677e5ab698b8c2204c916b4bee20ef79e50871eadf50
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Process spawned suspicious child process
This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
-