General
-
Target
0348f32d5d0e81a2f47af168847430122e7d59fde57ff5902e51b3aee9a8f50b.xls
-
Size
91KB
-
Sample
221110-a8k5fadeb3
-
MD5
b4eaf2436074e7802333cc00806ae597
-
SHA1
960e5bedc9d1603d9a114a87ef46f6729b2598b5
-
SHA256
0348f32d5d0e81a2f47af168847430122e7d59fde57ff5902e51b3aee9a8f50b
-
SHA512
288bf4af8cbf33833f5fad9fcbbda3fc03dd61c16db4d9667ee270468d5b0f0e2d66c0db17302055d0fd65f2dce6d8242e209b72322702647e26ca0343d06ca5
-
SSDEEP
1536:LKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgMbCXuZH4gb4CEn9J4ZyX3O:LKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgG
Behavioral task
behavioral1
Sample
0348f32d5d0e81a2f47af168847430122e7d59fde57ff5902e51b3aee9a8f50b.xls
Resource
win10-20220812-en
Behavioral task
behavioral2
Sample
0348f32d5d0e81a2f47af168847430122e7d59fde57ff5902e51b3aee9a8f50b.xls
Resource
win10-20220812-en
Malware Config
Extracted
https://encuadernacionesartis.com/Vk2Z1Na/IZpyySkbU/
http://eznetb.synology.me/@eaDir/E36Y/
http://bytesendesign.nl/cgi-bin/LolX/
http://choltice.eu/mwc/syl3Y/
Targets
Target
0348f32d5d0e81a2f47af168847430122e7d59fde57ff5902e51b3aee9a8f50b.xls
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-