General
Target: 852814dff1f5436f435dd07b6e85bed63108e584904fd63f2ac684e678ff54b5
Size: 24KB
Sample: 221130-tfeazagg4z
MD5: 2074b0a024bd3ac6f1b4d89dbabab077
SHA1: c28cc5109d94307c149501dd805cd95c4afb7d69
SHA256: 852814dff1f5436f435dd07b6e85bed63108e584904fd63f2ac684e678ff54b5
SHA512: 5ba5b174bc1b5f83fbf0e0e776a70d37dc1e6ce4ca3f9aa60dea1b732981b3a1daf80f75442cfaf5c4539ef3d6bcd205380665dd3b0496bfe689b981ff567d03
SSDEEP: 768:qEIo2CBP+PD85eIAr/caeu+dCcd97mSHH9:qItfBdCemIH9
Behavioral task: behavioral1
Sample: 852814dff1f5436f435dd07b6e85bed63108e584904fd63f2ac684e678ff54b5.xlsm
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 852814dff1f5436f435dd07b6e85bed63108e584904fd63f2ac684e678ff54b5.xlsm
Resource: win10v2004-20220901-en
Malware Config
Extracted
http://acorn-paper.com/components/com_content/models/bs/s.vbs
Targets
Target: 852814dff1f5436f435dd07b6e85bed63108e584904fd63f2ac684e678ff54b5
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory