General
-
Target
abf05a49ab888fcbe3984003176fe6e56c0f79eb82b3f501d161ba357f1c10db
-
Size
97KB
-
Sample
221124-eg9qyaff53
-
MD5
995e82bbfd99cfafff0ba56d92f31fb6
-
SHA1
84155eb964249e35438f07480d694b4b35b31922
-
SHA256
abf05a49ab888fcbe3984003176fe6e56c0f79eb82b3f501d161ba357f1c10db
-
SHA512
c356e63e1d8c679c6f3bb93ae64d411005b84d1369e6904538c476718919c5ec94edcb3d45fac2c36e35af3a2e33536d3010af25713f1cdfe7c871c78485850c
-
SSDEEP
3072:w1ZS6kQCdvXpcgddiTmxhYg6y8ewUSR7CPiK:wm6krdvXpcgddYmDYg6VLgH
Behavioral task
behavioral1
Sample
Summary-1702295810-Jan31.xlsb
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
Summary-1702295810-Jan31.xlsb
Resource
win10v2004-20221111-en
Malware Config
Extracted
http://94.140.112.209/3158120890161990.dat
http://185.190.80.172/3158120890161990.dat
http://111.90.150.43/%203158120890161990.dat
Extracted
http://94.140.112.209/5226172599393720.dat
http://185.190.80.172/5226172599393720.dat
http://111.90.150.43/%205226172599393720.dat
Targets
-
-
Target
Summary-1702295810-Jan31.xlsb
-
Size
129KB
-
MD5
ace572c463a4750dd386230a49d0813d
-
SHA1
e6a8f6591ca251d8dff34777da4b34aeff887f5f
-
SHA256
ff6d0d7393fce9ee3eb0ba57954f8fc3129dc7091d5c0a5405bc0ba9c2e158a0
-
SHA512
20590fa7e831c95b481976205df7d1af464bd66bc6443c62c63aad6238604abfa3ade5fae5ea90755b0d7c69b4513fe2a7fd39f268d54284b628feec31cc2bed
-
SSDEEP
3072:S+vHLEhWYjnsCbxKljNE5gKmFOi+uaE7O6Lk:rohtrsCbxKljDKmFOi/7Ob
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-