General
Target: Confirmation transfer Copy AGS # 22-0035.xls
Size: 432KB
Sample: 221128-t9yxgaaa32
MD5: 2f96000f8f64813fd2133acffcf6b676
SHA1: 5c6a58bdb2379854d93e160bd3ac536be6fbaef0
SHA256: 742811182bafd0540730921c9fb8315d10bed941b79c7b43b08b0a12fd924ec0
SHA512: 2b4ae0f09927ade66a56efd74210f91a450ed721e8a4c351e0b5cdf8345d755cb047d60877ee1773a4212f2579ae013445fbfb407ec52aa0c058a5eac397cd35
SSDEEP: 6144:KxEtjPOtioVjZUGGnwfDlavx+W2QdAwoLKRH2XS2t6V96NNahztExGfld9XGG1:hdzgqlT2
Behavioral task: behavioral1
Sample: Confirmation transfer Copy AGS # 22-0035.xls
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: Confirmation transfer Copy AGS # 22-0035.xls
Resource: win10v2004-20221111-en
Malware Config
Extracted
https://server-panelllx-9.gq/Myfile.exe
Targets
Target: Confirmation transfer Copy AGS # 22-0035.xls
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.