General
-
Target
a5499f4b5c28bc94e1fe2dfcd5a3a490feaee58d7f431d0231b61a7e3b180f87
-
Size
35KB
-
Sample
230129-x2s8sscb3s
-
MD5
c26b81534d6d01ca5baf38b476f1f262
-
SHA1
a891c30369b99939fb14cd4172663761f3dac8c0
-
SHA256
a5499f4b5c28bc94e1fe2dfcd5a3a490feaee58d7f431d0231b61a7e3b180f87
-
SHA512
a3da43e3a18d80b307adf2b03a2b0276e247758616e8ce0f44a896223708453ee372233695048d3923688a040e5d8e2f53f4eeaefd8ed62db222d1972b074b4e
-
SSDEEP
768:/PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJoCd7w74TxC:3ok3hbdlylKsgqopeJBWhZFGkE+cL2Nn
Behavioral task
behavioral1
Sample
a5499f4b5c28bc94e1fe2dfcd5a3a490feaee58d7f431d0231b61a7e3b180f87.xls
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
a5499f4b5c28bc94e1fe2dfcd5a3a490feaee58d7f431d0231b61a7e3b180f87.xls
Resource
win10v2004-20221111-en
Malware Config
Extracted
https://syracuse.best/wp-data.php
Targets
-
-
Target
a5499f4b5c28bc94e1fe2dfcd5a3a490feaee58d7f431d0231b61a7e3b180f87
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-