General
-
Target
11f44531fb088d31307d87b01e8eabff.zip
-
Size
106KB
-
Sample
220513-cpgc9aeggj
-
MD5
9458859abfd384f38362af01fb306f14
-
SHA1
2f507cca69fa3ef6cd091d27b21e99cfe1b73506
-
SHA256
6cec2bf8e5bde0a9d885ca6276d5a3d77affe4225824836a762984e7ecdc8a40
-
SHA512
6e839f4c92d2afe50d1feb29be0c72a8b511523cbfa49d99d2379feabdc0e2376c1bf2e3b03782592e5d9a69045913b18795d643e802171040c95c53ccca094c
Static task
static1
Behavioral task
behavioral1
Sample
11f44531fb088d31307d87b01e8eabff/research-1646684671.xls
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
11f44531fb088d31307d87b01e8eabff/research-1646684671.xls
Resource
win10v2004-20220414-en
Malware Config
Extracted
https://nws.visionconsulting.ro/N1G1KCXA/dot.html
https://royalpalm.sparkblue.lk/vCNhYrq3Yg8/dot.html
Targets
-
-
Target
11f44531fb088d31307d87b01e8eabff/research-1646684671.xls
-
Size
648KB
-
MD5
b775cd8be83696ca37b2fe00bcb40574
-
SHA1
60c8a9fdf2b24f8fb4913d4745a8557df5ff8e07
-
SHA256
1df68d55968bb9d2db4d0d18155188a03a442850ff543c8595166ac6987df820
-
SHA512
5ad4da8582bec3cc545e322cad2e356f59c4bfa5fe4ca90c0e781dd0e63a7aefbcc27b4045583232e4fdccffbc2bceb832b8d8e9ec3c070cf4b6559ca3c99a72
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-