General
-
Target
5ebbbd43a04a87e9d85a876ce8c8a0fe2e737082fd820835c7d4378d380ed20d
-
Size
83KB
-
Sample
220114-fj8gbsedb8
-
MD5
8268d8ad8f2b8ae50a62e0da825533bb
-
SHA1
e04c3620428efc685056f97eaf1de240f16a9999
-
SHA256
5ebbbd43a04a87e9d85a876ce8c8a0fe2e737082fd820835c7d4378d380ed20d
-
SHA512
0b8815f81f5d8a7b9027c14e6c749bad10268f1731f16813ac4d9eb34434493708fd3fc91166fc2d92d969522761d56fa72dde417a72f4fe3bded158fe052ccf
Behavioral task
behavioral1
Sample
5ebbbd43a04a87e9d85a876ce8c8a0fe2e737082fd820835c7d4378d380ed20d.xlsm
Resource
win10-en-20211208
Behavioral task
behavioral2
Sample
5ebbbd43a04a87e9d85a876ce8c8a0fe2e737082fd820835c7d4378d380ed20d.xlsm
Resource
win10-en-20211208
Malware Config
Extracted
http://adi.iswks.com/assets/hO1v71pqfNN/
http://kopbhawan.com/mdphht/fwqEBVQlJXHayt/
http://towardsun.net/admin/dcg3jSLkPuYsQ5xB/
Extracted
http://adi.iswks.com/assets/hO1v71pqfNN/
Targets
-
-
Target
5ebbbd43a04a87e9d85a876ce8c8a0fe2e737082fd820835c7d4378d380ed20d
-
Size
83KB
-
MD5
8268d8ad8f2b8ae50a62e0da825533bb
-
SHA1
e04c3620428efc685056f97eaf1de240f16a9999
-
SHA256
5ebbbd43a04a87e9d85a876ce8c8a0fe2e737082fd820835c7d4378d380ed20d
-
SHA512
0b8815f81f5d8a7b9027c14e6c749bad10268f1731f16813ac4d9eb34434493708fd3fc91166fc2d92d969522761d56fa72dde417a72f4fe3bded158fe052ccf
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Drops file in System32 directory
-