General
-
Target
d4a47cff88117daf3f2ce06778ef9c7978e4429daeb6855b545e11b7586e2027
-
Size
280KB
-
Sample
221124-j5ye2aah53
-
MD5
840be98d178832a8b2f18becc1edb2b7
-
SHA1
4167a8c9cf810ad04881da59462f94893f278bbc
-
SHA256
d4a47cff88117daf3f2ce06778ef9c7978e4429daeb6855b545e11b7586e2027
-
SHA512
0fb40061e3080913dea6167ce0f7f786cdb6ab5dc571197a1bb05bd14526d8cd0a3aa52143fa3662b45c97222cd1eb5845ca4b2f5d7e889ee4b507f52ff66fa2
-
SSDEEP
6144:CfOMS9QCYkKTCl2AZRcRvvMVwtPYaUIDrIuqQl6A5Xoq5R:CfxtCsWaOytPYZlI6q5
Malware Config
Targets
-
-
Target
d4a47cff88117daf3f2ce06778ef9c7978e4429daeb6855b545e11b7586e2027
-
Size
280KB
-
MD5
840be98d178832a8b2f18becc1edb2b7
-
SHA1
4167a8c9cf810ad04881da59462f94893f278bbc
-
SHA256
d4a47cff88117daf3f2ce06778ef9c7978e4429daeb6855b545e11b7586e2027
-
SHA512
0fb40061e3080913dea6167ce0f7f786cdb6ab5dc571197a1bb05bd14526d8cd0a3aa52143fa3662b45c97222cd1eb5845ca4b2f5d7e889ee4b507f52ff66fa2
-
SSDEEP
6144:CfOMS9QCYkKTCl2AZRcRvvMVwtPYaUIDrIuqQl6A5Xoq5R:CfxtCsWaOytPYZlI6q5
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Office macro that triggers on suspicious action
Office document macro which triggers in special circumstances - often malicious.
-
Sets file to hidden
Modifies file attributes to stop it showing in Explorer etc.
-
Suspicious Office macro
Office document equipped with 4.0 macros.
-
Adds Run key to start application
-
Drops file in System32 directory
-