General
-
Target
6ab2a3bb8c89944f0d644a2c916700d0e3f862e9efde37fc4a789384c7e58db6.xls
-
Size
91KB
-
Sample
221110-lxb8yaggd9
-
MD5
82fe9306449b426b0627038ddbd1c918
-
SHA1
56c7ef0171897d5527398c70540e18351e211d25
-
SHA256
6ab2a3bb8c89944f0d644a2c916700d0e3f862e9efde37fc4a789384c7e58db6
-
SHA512
de2a7606863268b49ced54f08d06fac14bad888b6427de12cf80016ca04693ed48bc824f87793c33d46cbe7ab05625afb1115876d0a5641bba1beef80a1091d8
-
SSDEEP
1536:eKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgqbCXuZH4gb4CEn9J4ZXz3:eKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgu
Behavioral task
behavioral1
Sample
6ab2a3bb8c89944f0d644a2c916700d0e3f862e9efde37fc4a789384c7e58db6.xls
Resource
win10-20220812-en
Behavioral task
behavioral2
Sample
6ab2a3bb8c89944f0d644a2c916700d0e3f862e9efde37fc4a789384c7e58db6.xls
Resource
win10-20220812-en
Malware Config
Extracted
https://www.conceptagency.net/css/b8eaKN/
https://bencevendeghaz.hu/2zjoi/cwfKJOzA/
http://45.32.114.141/xilte/Uqm6Eysf3Hkjwh/
http://ruitaiwz.com/wp-admin/MXlp5IsUKwT1k0DtzT/
Targets
-
-
Target
6ab2a3bb8c89944f0d644a2c916700d0e3f862e9efde37fc4a789384c7e58db6.xls
-
Size
91KB
-
MD5
82fe9306449b426b0627038ddbd1c918
-
SHA1
56c7ef0171897d5527398c70540e18351e211d25
-
SHA256
6ab2a3bb8c89944f0d644a2c916700d0e3f862e9efde37fc4a789384c7e58db6
-
SHA512
de2a7606863268b49ced54f08d06fac14bad888b6427de12cf80016ca04693ed48bc824f87793c33d46cbe7ab05625afb1115876d0a5641bba1beef80a1091d8
-
SSDEEP
1536:eKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgqbCXuZH4gb4CEn9J4ZXz3:eKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgu
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-