General
Target
2022-1-28-7eced723576899b75511edb3cda5bb69.bin
Size
46KB
Sample
220128-bvdnwadggm
MD5
7eced723576899b75511edb3cda5bb69
SHA1
c5819e9dd4863a29484f08f31979ff9ee5635d6e
SHA256
b0dd275157f1e44d3a67df073c2504ccf2f9de33ffb66de6ef37d412434d4e5f
SHA512
46120f22d2d203b565affbbf3619d57aa3fa5f62d78f67706677be893f7a9aa209dcb65167b0ba6ddfd8c8da6953f255d75640044968529507d97053388ad257
Behavioral task
behavioral1
Sample
2022-1-28-7eced723576899b75511edb3cda5bb69.xls
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
2022-1-28-7eced723576899b75511edb3cda5bb69.xls
Resource
win10-en-20211208
Malware Config
Extracted
http://91.240.118.168/vvv/ppp/fe.html
Extracted
http://91.240.118.168/vvv/ppp/fe.png
Targets
Target
2022-1-28-7eced723576899b75511edb3cda5bb69.bin
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Downloads MZ/PE file