General
-
Target
4142fcde447fc96fe3b95e93be525cdf365723c74481bfb3f36b192d85c04656
-
Size
18KB
-
Sample
221130-szwhxsce96
-
MD5
53ce86cf81a90b586e47a623ae7918e0
-
SHA1
db92cd464b596aec58dc5550054ed561290086b0
-
SHA256
4142fcde447fc96fe3b95e93be525cdf365723c74481bfb3f36b192d85c04656
-
SHA512
bb7aef7718d5862753da14bd1a69550c3322e9e861925b80d13289df64ec063306e7db3413b7aad73c1ffcfedb3571c26ecdb322559388c9e107174b6035ca16
-
SSDEEP
384:HestWmoXjCLOpE/UyzdRdRP/kMwbYmbaNAWUZasA0JPHQxau6:+sCCKE/U4j9/kMAYmuNvwcT4
Behavioral task
behavioral1
Sample
4142fcde447fc96fe3b95e93be525cdf365723c74481bfb3f36b192d85c04656.xlsm
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
4142fcde447fc96fe3b95e93be525cdf365723c74481bfb3f36b192d85c04656.xlsm
Resource
win10v2004-20220812-en
Malware Config
Extracted
http://onedrivenet.xyz/work/p.vbs
Targets
-
-
Target
4142fcde447fc96fe3b95e93be525cdf365723c74481bfb3f36b192d85c04656
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-