General
Target: 4fb203958dc23dba23634f6f5356931bfc221e22bed0a184cd73153fca697a51.xlsx
Size: 217KB
Sample: 230211-ctk71add5v
MD5: b624c8a63e3b48f4351543fab0cd718f
SHA1: a0ebd1f6b5d816fa46e5c8e4c9dc41b349e3ad66
SHA256: 4fb203958dc23dba23634f6f5356931bfc221e22bed0a184cd73153fca697a51
SHA512: 1afe017eb7518c028cb32e613c219f5df3d75172828068321bdbdfdc49988625bbcb9b140eecda8af632899810ec29e57f00ef76b2bdc7921f2055e23b94220c
SSDEEP: 6144:HKpb8rGYrMPe3q7Q0XV5xtuEsi8/dgByY+TAQXTHGUMEyP5p6f5jQmL:BbGUMVWlbL
Behavioral task: behavioral1
Sample: 4fb203958dc23dba23634f6f5356931bfc221e22bed0a184cd73153fca697a51.xls
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 4fb203958dc23dba23634f6f5356931bfc221e22bed0a184cd73153fca697a51.xls
Resource: win10v2004-20220812-en
Malware Config
Extracted
http://ftp.agir-santeinternationale.com/doctors/KAacngW97n4ApzVBDdGy/
http://www.vinyz.com/admin3693/BDFFgAZ6zBRumcUSG/
http://ly.yjlianyi.top/wp-admin/NRAdJ/
http://www.muyehuayi.com/cmp/Vtm2m7z88g/
Targets
Target: 4fb203958dc23dba23634f6f5356931bfc221e22bed0a184cd73153fca697a51.xlsx
Size: 217KB
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.