General
-
Target
58ed24e2f3a8899959da10ce477e96e4df367b75620d7266a072ad97d6044db1.xls
-
Size
91KB
-
Sample
221110-l52hssghc2
-
MD5
87cb23924195895ab01b5b7c21bc9459
-
SHA1
4945174aea9cf187624c1dfb74513a5f82a120c2
-
SHA256
58ed24e2f3a8899959da10ce477e96e4df367b75620d7266a072ad97d6044db1
-
SHA512
c2f686a5c27278a54911450965013c359dbfcb19446191819060d919904adfaeac67068cf56cb0163ac26cb8b1a70af7ca9b0d90793f50d93690431dd695b123
-
SSDEEP
1536:wKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgGbCXuZH4gb4CEn9J4Z/is9o2:wKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgm
Behavioral task
behavioral1
Sample
58ed24e2f3a8899959da10ce477e96e4df367b75620d7266a072ad97d6044db1.xls
Resource
win10-20220812-en
Behavioral task
behavioral2
Sample
58ed24e2f3a8899959da10ce477e96e4df367b75620d7266a072ad97d6044db1.xls
Resource
win10-20220812-en
Malware Config
Extracted
https://bosny.com/aspnet_client/R50QIOGjmvVlr/
http://navylin.com/autopoisonous/4fZQW/
http://asrani.garudaputih.com/nutabalong/bJYqoUIr99qNfoPDx/
http://db.rikaz.tech/lCx76IlkrBtEsqNFA7/zPYJzpOnzstNOiRHob/
Targets
-
-
Target
58ed24e2f3a8899959da10ce477e96e4df367b75620d7266a072ad97d6044db1.xls
-
Size
91KB
-
MD5
87cb23924195895ab01b5b7c21bc9459
-
SHA1
4945174aea9cf187624c1dfb74513a5f82a120c2
-
SHA256
58ed24e2f3a8899959da10ce477e96e4df367b75620d7266a072ad97d6044db1
-
SHA512
c2f686a5c27278a54911450965013c359dbfcb19446191819060d919904adfaeac67068cf56cb0163ac26cb8b1a70af7ca9b0d90793f50d93690431dd695b123
-
SSDEEP
1536:wKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgGbCXuZH4gb4CEn9J4Z/is9o2:wKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgm
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-