General
-
Target
ef16379c9717db4aca1de752e6a9edefe69fb22d5c3ab28b846aa8e08a1f2385.xls
-
Size
91KB
-
Sample
221110-bcsebafccj
-
MD5
492890ab383cf13a522d67976dae957c
-
SHA1
5f90b8d5567e708ab55d5534b772c1cf09ffd060
-
SHA256
ef16379c9717db4aca1de752e6a9edefe69fb22d5c3ab28b846aa8e08a1f2385
-
SHA512
5cd8f5a94e902edf9ec43c54817154bff4485c4edb0f718fa913c825a71aeff1c132e533c2d47a36346ea28d3ed305041f7e518e24f72545f6261c665db9c7e4
-
SSDEEP
1536:LKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgMbCXuZH4gb4CEn9J4ZWX3O:LKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgi
Behavioral task
behavioral1
Sample
ef16379c9717db4aca1de752e6a9edefe69fb22d5c3ab28b846aa8e08a1f2385.xls
Resource
win10-20220901-en
Behavioral task
behavioral2
Sample
ef16379c9717db4aca1de752e6a9edefe69fb22d5c3ab28b846aa8e08a1f2385.xls
Resource
win10-20220812-en
Malware Config
Extracted
https://encuadernacionesartis.com/Vk2Z1Na/IZpyySkbU/
http://eznetb.synology.me/@eaDir/E36Y/
http://bytesendesign.nl/cgi-bin/LolX/
http://choltice.eu/mwc/syl3Y/
Targets
-
-
Target
ef16379c9717db4aca1de752e6a9edefe69fb22d5c3ab28b846aa8e08a1f2385.xls
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-