General

  • Target

    boobsnail.xlsm

  • Size

    14KB

  • Sample

    221019-pmn2jafed9

  • MD5

    e86decfda7ca278f088161f30e9bcd22

  • SHA1

    4274ab41b9f6ea1f2312f886592c15a803db625b

  • SHA256

    444684e8addbfe779d1391a22e6ca421c96c0f05a0765e5b0292511121531a20

  • SHA512

    20998417e28a57d48329be51bbdbfbf6c40402c51dfe3c2cc8dabc364726550f47c0846c35ece29add22fde627cba608e98718bd1f32043ca616e64faa82b025

  • SSDEEP

    192:t7yIcj/lhE0Bpoiqh5BzJVapALXJ6+TaXpS0VqDqHhVctS+GvDflJP:t7yZj/lhpoIpEJPMpditY7lJP

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

    xlm40.dropper

  • URLs

    https://github.com/cyberisltd/NcatPortable/raw/master/ncat.exe

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks