General
Target
7028268ae4a5af19fc890c6745608aa69b3a729371a237fb6a732887213b0dda
Size
23KB
Sample
221130-t5hppagb48
MD5
6fc10fd570bd65f39c8b92151805e6f0
SHA1
2430bf3cfc175b2939f214c1dd396865ccfb7a3f
SHA256
7028268ae4a5af19fc890c6745608aa69b3a729371a237fb6a732887213b0dda
SHA512
34aea2b30f0bced58a811f26967797f8e3396892a8d0b812c9245eded111f032544bba01b36d642702e4e45a1e4e21a7ce56b59eb375b6674c9451bfa745c94e
SSDEEP
384:HehHhSrxOfYv2gDufBT1RO8S5VdkvnQrAkipPOhs/AnBgJPHQ6atl:+ZyVv2gqfBvZGaDO+o2Y
Behavioral task
behavioral1
Sample
7028268ae4a5af19fc890c6745608aa69b3a729371a237fb6a732887213b0dda.xlsm
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
7028268ae4a5af19fc890c6745608aa69b3a729371a237fb6a732887213b0dda.xlsm
Resource
win10v2004-20221111-en
Malware Config
Extracted
http://fast-cargo.com/images/file/vb/VBS/3.vbs
Targets
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory