General
-
Target
cf8147d3df43ab44f800025919c99021d4f14494479d7991f6d8ce94fec33a4c.xls
-
Size
154KB
-
Sample
220128-dzx97aehhk
-
MD5
607a79253f7b3e3a76e60fec975ab4b6
-
SHA1
099eb09d7edd87b7ea63661e2a9aecc932cbf133
-
SHA256
cf8147d3df43ab44f800025919c99021d4f14494479d7991f6d8ce94fec33a4c
-
SHA512
4516bf568c7bfb6ad0e13792c9750d2d6c4aa7e7c72329ca7904a4a07068805a6a82820171a073ca62493dc3d1b96b9c18fb15e4430aa9c020787b8cb47c4b5f
Behavioral task
behavioral1
Sample
cf8147d3df43ab44f800025919c99021d4f14494479d7991f6d8ce94fec33a4c.xls
Resource
win10-en-20211208
Behavioral task
behavioral2
Sample
cf8147d3df43ab44f800025919c99021d4f14494479d7991f6d8ce94fec33a4c.xls
Resource
win10-en-20211208
Malware Config
Extracted
http://91.240.118.168/qqqw/aaas/se.html
Targets
-
-
Target
cf8147d3df43ab44f800025919c99021d4f14494479d7991f6d8ce94fec33a4c.xls
-
Size
154KB
-
MD5
607a79253f7b3e3a76e60fec975ab4b6
-
SHA1
099eb09d7edd87b7ea63661e2a9aecc932cbf133
-
SHA256
cf8147d3df43ab44f800025919c99021d4f14494479d7991f6d8ce94fec33a4c
-
SHA512
4516bf568c7bfb6ad0e13792c9750d2d6c4aa7e7c72329ca7904a4a07068805a6a82820171a073ca62493dc3d1b96b9c18fb15e4430aa9c020787b8cb47c4b5f
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-