General
-
Target
Shields Business Solutions Inc. Payment.xlsx
-
Size
432KB
-
Sample
221122-yyfc7sba41
-
MD5
d477e387ba700d5370d0bef98de4eb8b
-
SHA1
ff544f6d0aea7e990d10cc442f3292fbb37d338c
-
SHA256
852c0560d3e7917eccdbaf3013be43c0bd34fa39a92c56ba87d737ffe9f1c2f2
-
SHA512
76bc77018bae2ef29cde11bb96de4dbf88530b5a0cb11a11e6d5743df4124daa54d17d1c05b56503cbb3507830512616fe62d677f23ea43f5cb34e7e82c41545
-
SSDEEP
12288:T8q6Lnmb7c7TO+lnVFqwjymB8YwWl6Ieg2v7EUnEcE:Aq6Lm8XV/FymBF6I32vIDP
Static task
static1
Behavioral task
behavioral1
Sample
Shields Business Solutions Inc. Payment.xlsx
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
Shields Business Solutions Inc. Payment.xlsx
-
Size
432KB
-
MD5
d477e387ba700d5370d0bef98de4eb8b
-
SHA1
ff544f6d0aea7e990d10cc442f3292fbb37d338c
-
SHA256
852c0560d3e7917eccdbaf3013be43c0bd34fa39a92c56ba87d737ffe9f1c2f2
-
SHA512
76bc77018bae2ef29cde11bb96de4dbf88530b5a0cb11a11e6d5743df4124daa54d17d1c05b56503cbb3507830512616fe62d677f23ea43f5cb34e7e82c41545
-
SSDEEP
12288:T8q6Lnmb7c7TO+lnVFqwjymB8YwWl6Ieg2v7EUnEcE:Aq6Lm8XV/FymBF6I32vIDP
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Adds Run key to start application
-