General
-
Target
800d6760b293cd2e33128cff0e08e1000a53ab91c3ba05e6e1577a9490899b59
-
Size
28KB
-
Sample
221130-vcpg7sgg65
-
MD5
687ddd53b6c273583e08db1698bfeabc
-
SHA1
ed237ecf129e28f509de74a6f3c560a3d2aa2bec
-
SHA256
800d6760b293cd2e33128cff0e08e1000a53ab91c3ba05e6e1577a9490899b59
-
SHA512
3462614f8f8c9260be3bd585c9c307c1b6abe184950338b65e52a52a56184b4813351f7df035261f276473cb351a8d82d6d673cb8e5ea21aae5509c16222c0ef
-
SSDEEP
768:+dgb8qEv5j/hv2454yNX0R/V+BKlRGstxHIU:+B15j/s45rNER/V+B6Rn7HIU
Behavioral task
behavioral1
Sample
800d6760b293cd2e33128cff0e08e1000a53ab91c3ba05e6e1577a9490899b59.xlsm
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
800d6760b293cd2e33128cff0e08e1000a53ab91c3ba05e6e1577a9490899b59.xlsm
Resource
win10v2004-20220812-en
Malware Config
Extracted
http://lokipanelhostingpanel.gq/work/worknew/1.exe
Targets
-
-
Target
800d6760b293cd2e33128cff0e08e1000a53ab91c3ba05e6e1577a9490899b59
-
Size
28KB
-
MD5
687ddd53b6c273583e08db1698bfeabc
-
SHA1
ed237ecf129e28f509de74a6f3c560a3d2aa2bec
-
SHA256
800d6760b293cd2e33128cff0e08e1000a53ab91c3ba05e6e1577a9490899b59
-
SHA512
3462614f8f8c9260be3bd585c9c307c1b6abe184950338b65e52a52a56184b4813351f7df035261f276473cb351a8d82d6d673cb8e5ea21aae5509c16222c0ef
-
SSDEEP
768:+dgb8qEv5j/hv2454yNX0R/V+BKlRGstxHIU:+B15j/s45rNER/V+B6Rn7HIU
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-