General
Target: бланк заказа 2022 июнь.xlsm
Size: 1.5MB
Sample: 221130-r7aezsch7y
MD5: b0587b50aaa357457792bc508a1a2615
SHA1: 691451044e9e8a6f5ac67a756703d068982ec745
SHA256: 2d6daa2d0d391cdd3432a492f638980bbff386ba330bbba1035cea946176e8c8
SHA512: 1d76bd0daa19975762a41c7d735c23c7217aee02756697874d80dcaba273c8576c1c750bd2a2cd2b9a9fc65ba3d3c079cd1a908c092c6b11fb34cccc2521c948
SSDEEP: 24576:AnN//CUs/z2vuEGmGiKhnT7fLqHBCua1rM2pfoK52TOwlbCEf522F0n:AN/KUsrUuEGmGiQTShCLNUTZX9mn
Behavioral task: behavioral1
Sample: бланк заказа 2022 июнь.xlsm
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: бланк заказа 2022 июнь.xlsm
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: бланк заказа 2022 июнь.xlsm
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
Drops file in System32 directory