General
-
Target
f38426dd2a1d47865f9bb888a67667bd2ba14067c3fd5ef0616b8af6ebced1af.xls
-
Size
91KB
-
Sample
221110-ns7kdshec5
-
MD5
b3be57e741ac21b77dec7c9b226f0dde
-
SHA1
11a4d95185fb3fd105816e4a167524596515c484
-
SHA256
f38426dd2a1d47865f9bb888a67667bd2ba14067c3fd5ef0616b8af6ebced1af
-
SHA512
312c33d05490490810b6f8481ed487dfc91e68854fd84d70d73ab3c4554abac3cac9f56deb7684c20f87bd5f86b6ba4614ac4b04d45adad566b186de2f555a13
-
SSDEEP
1536:wKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgGbCXuZH4gb4CEn9J4Z/Cs9o2:wKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgu
Behavioral task
behavioral1
Sample
f38426dd2a1d47865f9bb888a67667bd2ba14067c3fd5ef0616b8af6ebced1af.xls
Resource
win10-20220812-en
Behavioral task
behavioral2
Sample
f38426dd2a1d47865f9bb888a67667bd2ba14067c3fd5ef0616b8af6ebced1af.xls
Resource
win10-20220812-en
Malware Config
Extracted
https://bosny.com/aspnet_client/R50QIOGjmvVlr/
http://navylin.com/autopoisonous/4fZQW/
http://asrani.garudaputih.com/nutabalong/bJYqoUIr99qNfoPDx/
http://db.rikaz.tech/lCx76IlkrBtEsqNFA7/zPYJzpOnzstNOiRHob/
Targets
Target
f38426dd2a1d47865f9bb888a67667bd2ba14067c3fd5ef0616b8af6ebced1af.xls
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-