General
-
Target
COH_Payment_Advice_Note_0009887897.xls
-
Size
231KB
-
Sample
220818-pxy99aeecp
-
MD5
77a95d9806abdae032acc1eaf65e2483
-
SHA1
ab863fbd9286887f9976d40634e42579bf2ab3e5
-
SHA256
3e90b28232eeea2c1c050b30dae7d62595131b123927b7cec37805bf2bd96d28
-
SHA512
5fb5742d49115f129efdbc77b8983e91d1f38dc1f91bf514abd94ca39a367ab3c8400847a49cb51cfecdf15839d00f363c8d6823edbe050bc6007ae014bedb02
-
SSDEEP
6144:6yVcrHi8ATfodfysD1m2ILr/p4uYFtOyx/50Gfy6ZO:aHfAro31mxLeuYFtRT0
Behavioral task
behavioral1
Sample
COH_Payment_Advice_Note_0009887897.xls
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
COH_Payment_Advice_Note_0009887897.xls
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
COH_Payment_Advice_Note_0009887897.xls
-
Size
231KB
-
MD5
77a95d9806abdae032acc1eaf65e2483
-
SHA1
ab863fbd9286887f9976d40634e42579bf2ab3e5
-
SHA256
3e90b28232eeea2c1c050b30dae7d62595131b123927b7cec37805bf2bd96d28
-
SHA512
5fb5742d49115f129efdbc77b8983e91d1f38dc1f91bf514abd94ca39a367ab3c8400847a49cb51cfecdf15839d00f363c8d6823edbe050bc6007ae014bedb02
-
SSDEEP
6144:6yVcrHi8ATfodfysD1m2ILr/p4uYFtOyx/50Gfy6ZO:aHfAro31mxLeuYFtRT0
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-