General
Target
cb53bf4394e7f77534ca8bfa1039fc76c50a54be4dce411926dbb594a1a55c52.xlsx
Size
82KB
Sample
230116-lvax4aha8y
MD5
b6c09b88eeb411e648f688e7ca6a1ca9
SHA1
da6a58fbb01118bf77842f75cb217c3cf33ded2f
SHA256
cb53bf4394e7f77534ca8bfa1039fc76c50a54be4dce411926dbb594a1a55c52
SHA512
adb123a059e116faa65717e4c7cd51479750d45457e63642b16dcc82b7b25c18ef5c43e9c54fc35ae5056b243ba1177d01453f0f985f48d6b9a031079a874f00
SSDEEP
1536:UWLP2CET+S+agP7nA9u9DE23j/iuRPk4OJ2QspRxW+gdFx:V0T1k7TA+jiq1i2QspRk+gdFx
Behavioral task
behavioral1
Sample
cb53bf4394e7f77534ca8bfa1039fc76c50a54be4dce411926dbb594a1a55c52.xlsb
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
cb53bf4394e7f77534ca8bfa1039fc76c50a54be4dce411926dbb594a1a55c52.xlsb
Resource
win10v2004-20221111-en
Malware Config
Extracted
http://136.144.181.174:8080/Q2W5VWUFL5VCMQ7JQPETG3CCTYX72Z4R25PDG
Targets
Target
cb53bf4394e7f77534ca8bfa1039fc76c50a54be4dce411926dbb594a1a55c52.xlsx
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request