General
-
Target
ab6bf65bc625e483cb4a70ddc175441b32a43371de55cc7e62e471523e3c9590.xls
-
Size
91KB
-
Sample
221109-v7j6zaagh8
-
MD5
34e91e54dccb9ec6593a6b1ffd06e7f1
-
SHA1
5ac97ab8cf8e39e2e91005cb07eafb7f0bd2be19
-
SHA256
ab6bf65bc625e483cb4a70ddc175441b32a43371de55cc7e62e471523e3c9590
-
SHA512
7e6723b7b778bbb70eb0319b9591ab7d91cdb7d6c970ab30edaf14579ded4599998176ce5e71454ce409ddb81f56c8d9b26ba2e283a047525c63e904ad6f2b50
-
SSDEEP
1536:LKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgEbCXuZH4gb4CEn9J4ZAEM:LKpb8rGYrMPe3q7Q0XV5xtezEsi8/dg5
Behavioral task
behavioral1
Sample
ab6bf65bc625e483cb4a70ddc175441b32a43371de55cc7e62e471523e3c9590.xls
Resource
win10-20220901-en
Behavioral task
behavioral2
Sample
ab6bf65bc625e483cb4a70ddc175441b32a43371de55cc7e62e471523e3c9590.xls
Resource
win10-20220812-en
Malware Config
Extracted
http://www.muyehuayi.com/cmp/8asA99KPsyA/v6lUsWbLen/
http://concivilpa.com.py/wp-admin/i3CQu9dzDrMW/
https://wijsneusmedia.nl/cgi-bin/kFB/
http://www.angloextrema.com.br/assets/oEt1yYckHKlnNIq/
Targets
Target
ab6bf65bc625e483cb4a70ddc175441b32a43371de55cc7e62e471523e3c9590.xls
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-