General
-
Target
561b85443dbcdcd982989820557546a99036b270dd6cf184708cad109f1715d8.xls
-
Size
91KB
-
Sample
221110-l94hysghf3
-
MD5
91ce864931d0058289fe2962a36648b7
-
SHA1
6fbd9a3564da0b25963400d3243ea699fb8d2d53
-
SHA256
561b85443dbcdcd982989820557546a99036b270dd6cf184708cad109f1715d8
-
SHA512
463b900ad71b48da422cce4dee3e183ac08e46ccd59161379875d9d376e327b30aa1935a521414167ae62c3a11b4f30c3f6ce8590f6dd5949f5838e978e1de01
-
SSDEEP
1536:wKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgGbCXuZH4gb4CEn9J4Z/Cs9o2:wKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgG
Behavioral task
behavioral1
Sample
561b85443dbcdcd982989820557546a99036b270dd6cf184708cad109f1715d8.xls
Resource
win10-20220812-en
Behavioral task
behavioral2
Sample
561b85443dbcdcd982989820557546a99036b270dd6cf184708cad109f1715d8.xls
Resource
win10-20220812-en
Malware Config
Extracted
https://bosny.com/aspnet_client/R50QIOGjmvVlr/
http://navylin.com/autopoisonous/4fZQW/
http://asrani.garudaputih.com/nutabalong/bJYqoUIr99qNfoPDx/
http://db.rikaz.tech/lCx76IlkrBtEsqNFA7/zPYJzpOnzstNOiRHob/
Targets
-
-
Target
561b85443dbcdcd982989820557546a99036b270dd6cf184708cad109f1715d8.xls
-
Size
91KB
-
MD5
91ce864931d0058289fe2962a36648b7
-
SHA1
6fbd9a3564da0b25963400d3243ea699fb8d2d53
-
SHA256
561b85443dbcdcd982989820557546a99036b270dd6cf184708cad109f1715d8
-
SHA512
463b900ad71b48da422cce4dee3e183ac08e46ccd59161379875d9d376e327b30aa1935a521414167ae62c3a11b4f30c3f6ce8590f6dd5949f5838e978e1de01
-
SSDEEP
1536:wKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgGbCXuZH4gb4CEn9J4Z/Cs9o2:wKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgG
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-