General
-
Target
d49bac60275f4e2ddffd354586089539519cf3821f93479b19b5ddf12599721c
-
Size
284KB
-
Sample
221128-nddc1ahh48
-
MD5
f0148b0514c2131c0826903daec6c830
-
SHA1
787233eb1900b9cb7d761bd219557f6aa4511913
-
SHA256
d49bac60275f4e2ddffd354586089539519cf3821f93479b19b5ddf12599721c
-
SHA512
3763b093476815edd1b1fe87c55ba7d96b6905d3177eb73bb42880ecb4ed407b3ab2440cb0315f63328b769325d74bbb05f1fef8e7d2d454e4c71351c33200f5
-
SSDEEP
6144:1s5XQ3P8/uqrzD4WI6NIcNj+VwJAZQvcjkBC4v7+WZ9ebBD:l3P8//D361yJW90C2Kl
Behavioral task
behavioral1
Sample
d49bac60275f4e2ddffd354586089539519cf3821f93479b19b5ddf12599721c.xls
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
d49bac60275f4e2ddffd354586089539519cf3821f93479b19b5ddf12599721c.xls
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
d49bac60275f4e2ddffd354586089539519cf3821f93479b19b5ddf12599721c
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Office macro that triggers on suspicious action
Office document macro which triggers in special circumstances - often malicious.
-
Adds Run key to start application
-
Drops file in System32 directory
-