General
-
Target
f161fd2e64317a191866944c3cb3850c54b0401398d7b935fcf3b9e78005de45.xls
-
Size
91KB
-
Sample
221110-batjlafcar
-
MD5
2c9fb02e9b7170a8a1e4b6028ffefbf5
-
SHA1
a3a8b106d745c1ff3a68cba4a2fac8aa255695de
-
SHA256
f161fd2e64317a191866944c3cb3850c54b0401398d7b935fcf3b9e78005de45
-
SHA512
0c7addeebdce91ebe2c47557094e302e671db8204cd95bc6549ef5addeabe6798be3035468b6f57107fd0fa9feb0c8644af180f30518e7156cc677c9e7697251
-
SSDEEP
1536:LKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgIbCXuZH4gb4CEn9J4ZJFQvj:LKpb8rGYrMPe3q7Q0XV5xtezEsi8/dg5
Behavioral task
behavioral1
Sample
f161fd2e64317a191866944c3cb3850c54b0401398d7b935fcf3b9e78005de45.xls
Resource
win10-20220812-en
Behavioral task
behavioral2
Sample
f161fd2e64317a191866944c3cb3850c54b0401398d7b935fcf3b9e78005de45.xls
Resource
win10-20220812-en
Malware Config
Extracted
http://fixoutlet.com/logs/OGlRuU/
http://www.cesasin.com.ar/administrator/viA95RR/
http://blacktequila.com.br/2fb62HWWoKi5nfEq2D/XB5VOAXZkhVhSKveYUV/
http://case.co.il/_js/dooigYa/
Targets
-
-
Target
f161fd2e64317a191866944c3cb3850c54b0401398d7b935fcf3b9e78005de45.xls
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-