Description
This typically indicates the parent process was compromised via an exploit or macro.
6c2d566fb4489948859301cd55c552eeae1d12e7e33ef4ca237653cd976a1401.xls
General
Target
Size
Sample
6c2d566fb4489948859301cd55c552eeae1d12e7e33ef4ca237653cd976a1401.xls
40KB
220521-v7z77aadc5
Score
10 /10
MD5
SHA1
SHA256
SHA512
2d0bf2a42ae18ac57a4a99e7727ea85e
1894cb10cea6a4757f3478753049c3311446370a
6c2d566fb4489948859301cd55c552eeae1d12e7e33ef4ca237653cd976a1401
cee692e9084069fcb59f3e7a900a7f7fbfce59ae32849ff3b67ec3ed47f97b8ad05730e2f12cc8d6eb41f75745c565863d8a8fc28000cbc5ba8e5649deffb85d
Malware Config
Extracted
| Language | xlm4.0 |
| Source |
|
| URLs |
xlm40.dropper
https://www.itesmeitic.com/term/IFjx5ElE0ldr8wDDHjub/ |
Targets
Target
MD5
Filesize
6c2d566fb4489948859301cd55c552eeae1d12e7e33ef4ca237653cd976a1401.xls
2d0bf2a42ae18ac57a4a99e7727ea85e
40KB
Score
10/10
SHA1
SHA256
SHA512
1894cb10cea6a4757f3478753049c3311446370a
6c2d566fb4489948859301cd55c552eeae1d12e7e33ef4ca237653cd976a1401
cee692e9084069fcb59f3e7a900a7f7fbfce59ae32849ff3b67ec3ed47f97b8ad05730e2f12cc8d6eb41f75745c565863d8a8fc28000cbc5ba8e5649deffb85d
Signatures
-
Process spawned unexpected child process
Related Tasks
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Tasks