General
-
Target
4170fd2e1e20be004dc4fb1490bd16ce9bd092ec9d1048e6ac0a63d10c7ba255.xlsm
-
Size
49KB
-
Sample
220303-v1eb5scab7
-
MD5
40a87ae0ee6c9d8647c8ad1b680e0e87
-
SHA1
12e762de276e8ce77a27fc56d135833a29f161d5
-
SHA256
4170fd2e1e20be004dc4fb1490bd16ce9bd092ec9d1048e6ac0a63d10c7ba255
-
SHA512
7b16347ae4ce7b7ec7bef05b00d1ca00534720c19a29165ca92f5fb704408350ff58c2e2f8c5e7d3538c509cdff518a7cb880776cfdf5f9c61b05c646cb40dce
Behavioral task
behavioral1
Sample
4170fd2e1e20be004dc4fb1490bd16ce9bd092ec9d1048e6ac0a63d10c7ba255.xlsm
Resource
win10-20220223-en
Behavioral task
behavioral2
Sample
4170fd2e1e20be004dc4fb1490bd16ce9bd092ec9d1048e6ac0a63d10c7ba255.xlsm
Resource
win10-20220223-en
Malware Config
Extracted
http://185.7.214.7/fer/fe1.html
Targets
-
-
Target
4170fd2e1e20be004dc4fb1490bd16ce9bd092ec9d1048e6ac0a63d10c7ba255.xlsm
-
Size
49KB
-
MD5
40a87ae0ee6c9d8647c8ad1b680e0e87
-
SHA1
12e762de276e8ce77a27fc56d135833a29f161d5
-
SHA256
4170fd2e1e20be004dc4fb1490bd16ce9bd092ec9d1048e6ac0a63d10c7ba255
-
SHA512
7b16347ae4ce7b7ec7bef05b00d1ca00534720c19a29165ca92f5fb704408350ff58c2e2f8c5e7d3538c509cdff518a7cb880776cfdf5f9c61b05c646cb40dce
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-