General
-
Target
Invoice-N192793.xls
-
Size
102KB
-
Sample
221127-vs5t5ahe7y
-
MD5
a88329a0eca1ff4a5d59dd6270d08267
-
SHA1
a812bbcb57431be5b0d436590ae4a53465bb1e25
-
SHA256
bf57ecd7a6c0166dd27f311cebda08ed8e9305cfaa66fe68131ba29250ba94f3
-
SHA512
a7bc77709e943d92af345073f639a54d195258020bf5b7ca178eae6b7c90a1d984f2af660aa6e5112ec8389ff0dd27493244e22540acc3ae80ac7792fe066ec5
-
SSDEEP
3072:4k3hOdsylKlgryzc4bNhZFGzE+cL2knAk6vy/sUeo0JSpfiXa:4k3hOdsylKlgryzc4bNhZF+E+W2knAj
Behavioral task
behavioral1
Sample
Invoice-N192793.xls
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Invoice-N192793.xls
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
Invoice-N192793.xls
-
Size
102KB
-
MD5
a88329a0eca1ff4a5d59dd6270d08267
-
SHA1
a812bbcb57431be5b0d436590ae4a53465bb1e25
-
SHA256
bf57ecd7a6c0166dd27f311cebda08ed8e9305cfaa66fe68131ba29250ba94f3
-
SHA512
a7bc77709e943d92af345073f639a54d195258020bf5b7ca178eae6b7c90a1d984f2af660aa6e5112ec8389ff0dd27493244e22540acc3ae80ac7792fe066ec5
-
SSDEEP
3072:4k3hOdsylKlgryzc4bNhZFGzE+cL2knAk6vy/sUeo0JSpfiXa:4k3hOdsylKlgryzc4bNhZF+E+W2knAj
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-