General
Target
861be49ee659b50b073e7d6c1074b5db21253729a1eb8dd632e93963f3204eb6.xls
Size
91KB
Sample
221110-l1jgesggf9
MD5
5f2aeff098ddfed65145dd16c9436fe9
SHA1
4d9117d69b0f7668e68ff104f754650da45582ce
SHA256
861be49ee659b50b073e7d6c1074b5db21253729a1eb8dd632e93963f3204eb6
SHA512
f73d83791f33c3d4088b1eb2c4e2f79896bf008473dd1fdfa95057964153e2cad6ea5d3192e70c0951118524eacac4a005b808437ac3ae364fb358a859ed3491
SSDEEP
1536:eKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgqbCXuZH4gb4CEn9J4Z3z3:eKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgG
Behavioral task
behavioral1
Sample
861be49ee659b50b073e7d6c1074b5db21253729a1eb8dd632e93963f3204eb6.xls
Resource
win10-20220812-en
Behavioral task
behavioral2
Sample
861be49ee659b50b073e7d6c1074b5db21253729a1eb8dd632e93963f3204eb6.xls
Resource
win10-20220812-en
Malware Config
Extracted
https://www.conceptagency.net/css/b8eaKN/
https://bencevendeghaz.hu/2zjoi/cwfKJOzA/
http://45.32.114.141/xilte/Uqm6Eysf3Hkjwh/
http://ruitaiwz.com/wp-admin/MXlp5IsUKwT1k0DtzT/
Targets
Score 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.