General
Target: emotet.xls.zip
Size: 42KB
Sample: 230127-mpjtgsac26
MD5: e857218c297c7bda9c6b74ec65367ceb
SHA1: ae114f70b16ec28fb5e5929c6b9ecb8ded7cbcd4
SHA256: e83f6fa3b3608656bd6dbaeff724b5b67e78e3bd05150a9eb68086f2b5e2398c
SHA512: d0e39ffa06588efea6a21e7e6b0d125cd5effaeb78c857fa205fb22c74f8a37e75603999cf90b77dcdeb4b8dc56267a5ebce62ae35dd589b4984e6f573e8953a
SSDEEP: 768:/B5Gco2uGrHqVYCp0EbgmVYzP0sizPX/vVf7iqZGff8ZnPgWQ8SB6vUEdp:QWe9p0WTYzPXijXFiqIfqnIWIBeUEv
Behavioral task: behavioral1
Sample: 87c3545310157886ea652afb97e0dfa9e7d09a6392663710091f20f53757da4a.xls
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 87c3545310157886ea652afb97e0dfa9e7d09a6392663710091f20f53757da4a.xls
Resource: win10v2004-20220812-en
Malware Config
Extracted
https://datie-tw.com/img/O8G0RDZj7MYCuJyPoP/
http://sbm.xinmoshiwang.com/upload/VaOfWEb3pW76UO/
https://copunupo.ac.zm/cgi-bin/WFFcGx/
http://ly.yjlianyi.top/wp-admin/4cChao/
Targets
Target: 87c3545310157886ea652afb97e0dfa9e7d09a6392663710091f20f53757da4a.xls
Size: 91KB
MD5: eb6e88a5ea61dd9dde6e08f466051c52
SHA1: 3e4b742d8e9829687c602de589629956d070393f
SHA256: 87c3545310157886ea652afb97e0dfa9e7d09a6392663710091f20f53757da4a
SHA512: 19681de8a7674b97a81c96cdadec6bb12e588a2e788ff30db39ef574818e189c701c49512bbc2f6156131f10742f7170a1912f1bae9b39f52ddfb71df183492c
SSDEEP: 1536:vKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgHbCXuZH4gb4CEn9J4ZPX5:vKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgl
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.