General
-
Target
Data_2306.xls
-
Size
55KB
-
Sample
221205-g1symscf96
-
MD5
ceb04b9fffca2e2829ad38eb2759f6af
-
SHA1
05255544c27d0b91189de83165dbf10841e9b692
-
SHA256
7e55b39e29fa0280e14ba6408a88dbc7d7bb2f058fe99344d21af0282d4249bd
-
SHA512
d1060183bdfd0a60bcfe75f33d9560a391730497c574fe14b9aefe0aa975a0792dfa71e3980763d57d2fadac3b6f55ca5c7af0032328e40f14c99cab6f813f1a
-
SSDEEP
1536:G+Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dg2Qv6cNCVQ5:JKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgh
Behavioral task
behavioral1
Sample
Data_2306.xls
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Data_2306.xls
Resource
win10v2004-20221111-en
Malware Config
Extracted
https://www.rec-escape.com/dev1/7hMk6v/
https://cheffsys.com/AZOTEA/QpZ/
http://balticcontrolbd.com/images/GG1d8an/
http://cabans.com/CeudWYRQEzZgrHPcI/yKANkXfH/
Extracted
https://www.rec-escape.com/dev1/7hMk6v/
https://cheffsys.com/AZOTEA/QpZ/
Targets
-
-
Target
Data_2306.xls
-
Size
55KB
-
MD5
ceb04b9fffca2e2829ad38eb2759f6af
-
SHA1
05255544c27d0b91189de83165dbf10841e9b692
-
SHA256
7e55b39e29fa0280e14ba6408a88dbc7d7bb2f058fe99344d21af0282d4249bd
-
SHA512
d1060183bdfd0a60bcfe75f33d9560a391730497c574fe14b9aefe0aa975a0792dfa71e3980763d57d2fadac3b6f55ca5c7af0032328e40f14c99cab6f813f1a
-
SSDEEP
1536:G+Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dg2Qv6cNCVQ5:JKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgh
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-