General
-
Target
XLS W2_sheets.excel
-
Size
80KB
-
Sample
220623-rtrr4sddhq
-
MD5
aa5dffcb00b9e03b5cb1a6c46d84d45c
-
SHA1
28cebf092350a8278303a579cb8b1f5d1c303527
-
SHA256
d199cb7b5afd352a297c1f4a56b930c56836ac1c850561a48fafdf224effad53
-
SHA512
f81a05fbb9d827bd90b708dadd10f384d7f243821e4b5db8da61a431dd259aa7e9d8380cf3ca1150bcb735cc56760fb530013783f0aabfd4497baf19872749ec
Behavioral task
behavioral1
Sample
XLS W2_sheets.xls
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
XLS W2_sheets.xls
Resource
win10v2004-20220414-en
Malware Config
Extracted
http://45.140.16.7/DFpM13
Targets
-
-
Target
XLS W2_sheets.excel
-
Size
80KB
-
MD5
aa5dffcb00b9e03b5cb1a6c46d84d45c
-
SHA1
28cebf092350a8278303a579cb8b1f5d1c303527
-
SHA256
d199cb7b5afd352a297c1f4a56b930c56836ac1c850561a48fafdf224effad53
-
SHA512
f81a05fbb9d827bd90b708dadd10f384d7f243821e4b5db8da61a431dd259aa7e9d8380cf3ca1150bcb735cc56760fb530013783f0aabfd4497baf19872749ec
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Process spawned suspicious child process
This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
-