General
-
Target
3970fe6a9de81eaeb722f32c905e4ecb209fe761f12f976a806cc73263b47b77.xls
-
Size
95KB
-
Sample
220707-dyp77acddj
-
MD5
b3a15d0bf40986c37a5b273b4fa55162
-
SHA1
8dd08e57a49d529549a39afaee6f4a41152046e9
-
SHA256
3970fe6a9de81eaeb722f32c905e4ecb209fe761f12f976a806cc73263b47b77
-
SHA512
a6bfafcedecf86df22cf9b8fcdedd0d1376b842f6f017acb10dea955a92690397fdee4b149bbcd83c281a412c0d525a2488440181fcf8bde4aedad93bbb3ca28
Malware Config
Extracted
http://www.sunflowerlaboratory.in/fonts/79Tq62ly/
http://dirigent.co.uk/vardagsekonomi/iC36jJ4J1cf/
http://agtrade.hu/images/kiQYmOs2tSKq/
https://www.zachboyle.com/wp-admin/EA470ZrTGNkuA/
Targets
-
-
Target
3970fe6a9de81eaeb722f32c905e4ecb209fe761f12f976a806cc73263b47b77.xls
-
Size
95KB
-
MD5
b3a15d0bf40986c37a5b273b4fa55162
-
SHA1
8dd08e57a49d529549a39afaee6f4a41152046e9
-
SHA256
3970fe6a9de81eaeb722f32c905e4ecb209fe761f12f976a806cc73263b47b77
-
SHA512
a6bfafcedecf86df22cf9b8fcdedd0d1376b842f6f017acb10dea955a92690397fdee4b149bbcd83c281a412c0d525a2488440181fcf8bde4aedad93bbb3ca28
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Downloads MZ/PE file
-