General
Target: F.A.Q[2021.11.17_21-03].xlsb
Size: 283KB
Sample: 211118-v12gnshhg2
MD5: 33131357d897aa065d8220fd159733d4
SHA1: 7c5793ad1dcd2594c803c991f6ce0ef4a75e78d8
SHA256: 947a442e30a4a5bf3b19a691ae7198b3bbe2517bbf101e7820a16af9f69287fe
SHA512: fc63cce9a3a3c4cdcd5354f3d82882fc948e1cfd7622ce79c0222420c0b0d5ee87bec3b78e109dbca4f50a74e41d96bc34474237291992fb507c1f51b83d9894
Behavioral task: behavioral1
Sample: F.A.Q[2021.11.17_21-03].xlsb
Resource: win7-en-20211104
Behavioral task: behavioral2
Sample: F.A.Q[2021.11.17_21-03].xlsb
Resource: win10-en-20211104
Malware Config
Extracted
https://yfo.yag.mybluehost.me/wp-content/uploads/2020/08/file1.cms
Extracted
icedid
4258209311
sauceson.ink
Targets
Target: F.A.Q[2021.11.17_21-03].xlsb
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Loads dropped DLL