General
-
Target
2022-1-28-acfe7d6340b879f65260e326e9363cae.bin
-
Size
46KB
-
Sample
220128-a3mfbadga7
-
MD5
acfe7d6340b879f65260e326e9363cae
-
SHA1
7ede3c78229a8b40f993a8130dea7eaa623a42ce
-
SHA256
711cce17f03661006598a1c6888aece3145f54a9d47cdd7780644d0ea7e34608
-
SHA512
7c9b108e4abb276f19df16f629ff847cf7bfeb6812bacb87f789260dedbac81c9e4ac414ae088511a3c063154b16ebab7f928e8b37720815f076bb94263354d3
Behavioral task
behavioral1
Sample
2022-1-28-acfe7d6340b879f65260e326e9363cae.xls
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
2022-1-28-acfe7d6340b879f65260e326e9363cae.xls
Resource
win10-en-20211208
Malware Config
Extracted
http://91.240.118.168/vvv/ppp/fe.html
Extracted
http://91.240.118.168/vvv/ppp/fe.png
Targets
-
-
Target
2022-1-28-acfe7d6340b879f65260e326e9363cae.bin
-
Size
46KB
-
MD5
acfe7d6340b879f65260e326e9363cae
-
SHA1
7ede3c78229a8b40f993a8130dea7eaa623a42ce
-
SHA256
711cce17f03661006598a1c6888aece3145f54a9d47cdd7780644d0ea7e34608
-
SHA512
7c9b108e4abb276f19df16f629ff847cf7bfeb6812bacb87f789260dedbac81c9e4ac414ae088511a3c063154b16ebab7f928e8b37720815f076bb94263354d3
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-