General
-
Target
44d12400be53c5a0606f05704f2571352f10435e69eaf404bffb059f7b95dda4
-
Size
50KB
-
Sample
221126-zygfyaeb33
-
MD5
666d89831ed03216b190699afd9de5ae
-
SHA1
4949ac02208846fa9ac55b4a7303fdaca4cfd6c2
-
SHA256
44d12400be53c5a0606f05704f2571352f10435e69eaf404bffb059f7b95dda4
-
SHA512
42ead2cd568deedf10f52c2434d8fb60051d0857d92f6b0e7f21cd7a9b99aef4291b2efa63848d1fa8f6495b70299eeaf6b5231c74fdcefbb7627ef9b1d79c51
-
SSDEEP
1536:v/gvPgHI4mrYKG5XmvSKERfQmX7B6Jnoh:QEI1IiSFRfQm2noh
Behavioral task
behavioral1
Sample
语文.xls
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
语文.xls
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
语文.xls
-
Size
155KB
-
MD5
affab620cd4c0a0b6b68d9eb1dbddd1e
-
SHA1
86d4a4c9328762e7819d9d1203bafa9ceb2e7023
-
SHA256
18ee8040609562e0d7890555c27bbf19029a41f724209eb8f49a1c021314e91c
-
SHA512
5b5b4fa2eaae68ddab8db99ccfc27eddd0ca13d9a735da5421f18c0a8eb3242279b8dc3857076c0346e5f5bab37ca2492d4b6a32317377481e2504b08756e35e
-
SSDEEP
3072:LSVQzu271vEDW3YkWVbrzQ7IjHgkZyDWTtn6KNLk:L0vHj
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Deletes itself
-