General
-
Target
?i=1fyukxinr
-
Size
118KB
-
Sample
220522-f6f1lafhc3
-
MD5
c930ab7f69ffa197bf8149c9038eebfc
-
SHA1
0438b6bed41413f8dcd5f9e95416f5dcab034173
-
SHA256
769ecd4d91e53cc734ede1b06a3935096e838020e44061032964dd769dda3968
-
SHA512
4d226575d5683d6acc853a87dcff2c518c4c57c59057420d610fb56c8d33cda87311e0ca28da95ab8de8cf78e837dfa9a39387a12b87151f2f5e06a5df94203b
Behavioral task
behavioral1
Sample
?i=1fyukxinr.xls
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
?i=1fyukxinr.xls
Resource
win10v2004-20220414-en
Malware Config
Extracted
http://www.cuneytkocas.com/wp-content/VSnofpES1wO2CcVob/
http://towardsun.net/admin/BYGGkrYAnT/
Targets
-
-
Target
?i=1fyukxinr
-
Size
118KB
-
MD5
c930ab7f69ffa197bf8149c9038eebfc
-
SHA1
0438b6bed41413f8dcd5f9e95416f5dcab034173
-
SHA256
769ecd4d91e53cc734ede1b06a3935096e838020e44061032964dd769dda3968
-
SHA512
4d226575d5683d6acc853a87dcff2c518c4c57c59057420d610fb56c8d33cda87311e0ca28da95ab8de8cf78e837dfa9a39387a12b87151f2f5e06a5df94203b
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-