General
-
Target
Bloomberg BNA Invoice Enclosed 0984762748365..xls
-
Size
59KB
-
Sample
230116-s7l98ahd49
-
MD5
7c853ab182e0e0a51baa85ba460ddf51
-
SHA1
b865efd764549e7e64eaa37ae67a977958a5fcec
-
SHA256
a0362be648ebb92266bb64410e429350aefbddb0af74d7e89bea23cfbe75aa64
-
SHA512
8368dd70259e9238acc6d116647a27cc5b4adc73158ed83923f5c841d688a3983b987828108f285aab73633ea4742eec74208ac46996b91b66b812cf33ba1602
-
SSDEEP
1536:Qk3hOdsylKlgryzc4bNhZFGzE+cL2knw0jftONLqbNacyr042LfC:Qk3hOdsylKlgryzc4bNhZFGzE+cL2knZ
Behavioral task
behavioral1
Sample
Bloomberg BNA Invoice Enclosed 0984762748365..xls
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
Bloomberg BNA Invoice Enclosed 0984762748365..xls
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
Bloomberg BNA Invoice Enclosed 0984762748365..xls
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops startup file
-