General
-
Target
2c56039d9e64e22bcf397bd7b686bf3c33c286b8feb57b5e18cd2cce712fa0f5.xls
-
Size
91KB
-
Sample
221110-becrmsdee8
-
MD5
36a79280902ab92fd393eb872c851b78
-
SHA1
ca70b7af425307a6530fbfae048c5e45436941a7
-
SHA256
2c56039d9e64e22bcf397bd7b686bf3c33c286b8feb57b5e18cd2cce712fa0f5
-
SHA512
834279ffd3b324aaa350a3ab3262395c701d4c58fcd58ee8b5c256501fcbcd745dc45d81d4ebd7d840c62a55efcc7a09709b56c713c04dcb5838f953d2a35213
-
SSDEEP
1536:LKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgIbCXuZH4gb4CEn9J4ZJBQvj:LKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgN
Behavioral task
behavioral1
Sample
2c56039d9e64e22bcf397bd7b686bf3c33c286b8feb57b5e18cd2cce712fa0f5.xls
Resource
win10-20220901-en
Behavioral task
behavioral2
Sample
2c56039d9e64e22bcf397bd7b686bf3c33c286b8feb57b5e18cd2cce712fa0f5.xls
Resource
win10-20220812-en
Malware Config
Extracted
http://fixoutlet.com/logs/OGlRuU/
http://www.cesasin.com.ar/administrator/viA95RR/
http://blacktequila.com.br/2fb62HWWoKi5nfEq2D/XB5VOAXZkhVhSKveYUV/
http://case.co.il/_js/dooigYa/
Targets
Target
2c56039d9e64e22bcf397bd7b686bf3c33c286b8feb57b5e18cd2cce712fa0f5.xls
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.