General
-
Target
Confirmation transfer Copy AGS 22-0035.xls
-
Size
432KB
-
Sample
221128-t9yxgaaa29
-
MD5
b370036e80b83499b4bc486137b893c4
-
SHA1
b4d424e2da518fe193346809be62e63c44e97fdd
-
SHA256
42d0082e585e06f70971897e9c1b7a5f40b92e39889082c648ad7d3ff66905f9
-
SHA512
f59cdb1c1b3088f407c5b578acfaf87726788b08fa35a3ff9b2fc81b5c0fb0f5816b07c19ca3d5c753c18e124cbeafdb4920d7734a062211963c17c2b0919b47
-
SSDEEP
6144:XxEtjPOtioVjZUGGnwfDlavx+W2QdAwoLKRH2XS2t6V96NNahztExGfld9XGG1:MdzgqlT2
Behavioral task
behavioral1
Sample
Confirmation transfer Copy AGS 22-0035.xls
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
Confirmation transfer Copy AGS 22-0035.xls
Resource
win10v2004-20220812-en
Malware Config
Extracted
https://server-panelllx-9.gq/Myfile.exe
Targets
-
-
Target
Confirmation transfer Copy AGS 22-0035.xls
-
Size
432KB
-
MD5
b370036e80b83499b4bc486137b893c4
-
SHA1
b4d424e2da518fe193346809be62e63c44e97fdd
-
SHA256
42d0082e585e06f70971897e9c1b7a5f40b92e39889082c648ad7d3ff66905f9
-
SHA512
f59cdb1c1b3088f407c5b578acfaf87726788b08fa35a3ff9b2fc81b5c0fb0f5816b07c19ca3d5c753c18e124cbeafdb4920d7734a062211963c17c2b0919b47
-
SSDEEP
6144:XxEtjPOtioVjZUGGnwfDlavx+W2QdAwoLKRH2XS2t6V96NNahztExGfld9XGG1:MdzgqlT2
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-