General
-
Target
Deluxe.ocn.ne_Form.xls
-
Size
78KB
-
Sample
220514-ray23scedl
-
MD5
8b0f18f7322946e3bde962f9455f286d
-
SHA1
fb4405f35e590913373a53258192e7092ac8ec2a
-
SHA256
e2df8d7975b89087c78c4457e83679006b68eca7e1fb313cdafac74c5651792e
-
SHA512
f337821a6bdfb2d3331c5499570eccf50370ea5b6d3e42573803a0984f2258cd7045a9843492321fa85ebc248c43b9fdb86ab0548674a522b8da8791936dc3d6
Behavioral task
behavioral1
Sample
Deluxe.ocn.ne_Form.xls
Resource
win7-20220414-en
Malware Config
Extracted
http://www.flash-inc.com/group/igirl/css/QqoV/
Targets
-
-
Target
Deluxe.ocn.ne_Form.xls
-
Size
78KB
-
MD5
8b0f18f7322946e3bde962f9455f286d
-
SHA1
fb4405f35e590913373a53258192e7092ac8ec2a
-
SHA256
e2df8d7975b89087c78c4457e83679006b68eca7e1fb313cdafac74c5651792e
-
SHA512
f337821a6bdfb2d3331c5499570eccf50370ea5b6d3e42573803a0984f2258cd7045a9843492321fa85ebc248c43b9fdb86ab0548674a522b8da8791936dc3d6
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Downloads MZ/PE file
-
Loads dropped DLL
-