General
-
Target
8468b3ffc49d173c1ebf31f15bf978fe4590167536d4142fa4d91ef3cd5fd4c2.xls
-
Size
91KB
-
Sample
221109-wtppzabaf4
-
MD5
a5a66eb9a644a306a86272b52f1bd633
-
SHA1
3068f38b60b2ec30d4244d7430c3cb3ae8ead523
-
SHA256
8468b3ffc49d173c1ebf31f15bf978fe4590167536d4142fa4d91ef3cd5fd4c2
-
SHA512
2f62bd1408185324a7c36be994c72ac2dc663bf47401b9dc3312b855338fd6bf58609db9522f322679e1b68ae64828a2f701d7684cc74d1448ca5978b4ce8fda
-
SSDEEP
1536:LKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgEbCXuZH4gb4CEn9J4ZQEM:LKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgp
Behavioral task
behavioral1
Sample
8468b3ffc49d173c1ebf31f15bf978fe4590167536d4142fa4d91ef3cd5fd4c2.xls
Resource
win10-20220812-en
Behavioral task
behavioral2
Sample
8468b3ffc49d173c1ebf31f15bf978fe4590167536d4142fa4d91ef3cd5fd4c2.xls
Resource
win10-20220812-en
Malware Config
Extracted
http://www.muyehuayi.com/cmp/8asA99KPsyA/v6lUsWbLen/
http://concivilpa.com.py/wp-admin/i3CQu9dzDrMW/
https://wijsneusmedia.nl/cgi-bin/kFB/
http://www.angloextrema.com.br/assets/oEt1yYckHKlnNIq/
Targets
-
-
Target
8468b3ffc49d173c1ebf31f15bf978fe4590167536d4142fa4d91ef3cd5fd4c2.xls
-
Size
91KB
-
MD5
a5a66eb9a644a306a86272b52f1bd633
-
SHA1
3068f38b60b2ec30d4244d7430c3cb3ae8ead523
-
SHA256
8468b3ffc49d173c1ebf31f15bf978fe4590167536d4142fa4d91ef3cd5fd4c2
-
SHA512
2f62bd1408185324a7c36be994c72ac2dc663bf47401b9dc3312b855338fd6bf58609db9522f322679e1b68ae64828a2f701d7684cc74d1448ca5978b4ce8fda
-
SSDEEP
1536:LKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgEbCXuZH4gb4CEn9J4ZQEM:LKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgp
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-