General
-
Target
29b92c44c5a8d6f93bdd18fee934f94a9b30c04670c2a7648da7bb7a2b875b1e
-
Size
357KB
-
Sample
220329-tw9rtagbg8
-
MD5
529c87179e723fd839f4a355c7857d55
-
SHA1
443cf660b2561ff6d52ff76d2ec126b882b659e9
-
SHA256
29b92c44c5a8d6f93bdd18fee934f94a9b30c04670c2a7648da7bb7a2b875b1e
-
SHA512
995aa497406860bbad2c2e119c62919c6f7e5f80a355ab7545699654c049183871d32cee1e3c1ab16e52fb71ba29af4639f9abdb6b511d7136aadd310572c6b7
Behavioral task
behavioral1
Sample
29b92c44c5a8d6f93bdd18fee934f94a9b30c04670c2a7648da7bb7a2b875b1e.xlsb
Resource
win7-20220311-en
Behavioral task
behavioral2
Sample
29b92c44c5a8d6f93bdd18fee934f94a9b30c04670c2a7648da7bb7a2b875b1e.xlsb
Resource
win10v2004-en-20220113
Malware Config
Extracted
http://i.sfu.edu.ph/ds/161120.gif
Extracted
http://i.sfu.edu.ph/ds/161120.gif
Targets
-
-
Target
29b92c44c5a8d6f93bdd18fee934f94a9b30c04670c2a7648da7bb7a2b875b1e
-
Size
357KB
-
MD5
529c87179e723fd839f4a355c7857d55
-
SHA1
443cf660b2561ff6d52ff76d2ec126b882b659e9
-
SHA256
29b92c44c5a8d6f93bdd18fee934f94a9b30c04670c2a7648da7bb7a2b875b1e
-
SHA512
995aa497406860bbad2c2e119c62919c6f7e5f80a355ab7545699654c049183871d32cee1e3c1ab16e52fb71ba29af4639f9abdb6b511d7136aadd310572c6b7
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Process spawned suspicious child process
This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
-