General
Target
32bec158a40710d2c0aabbb77474d2d07cf8bebee15006f3938cebaa85e0f1e7.xlsx
Size
218KB
Sample
230211-ctk71aea68
MD5
6576847f7deb2aeedd92a283b932a940
SHA1
6c5ba9c94ba71089fc9603f9cbad7e74c4ca6079
SHA256
32bec158a40710d2c0aabbb77474d2d07cf8bebee15006f3938cebaa85e0f1e7
SHA512
3e33703a6663ef13d85079794aa6ac49e5c8eaf65052af744be1b3428053d2445b35b3923a8a6b8b0ff1c14172eb80845f37024e10554ae412d540f38fd1a8a5
SSDEEP
6144:2k3hOdsylKlgxopeiBNhZF+E+W2kdApyY+TAQXTHGUMEyP5p6f5jQmSo:NbGUMVWlbSo
Behavioral task
behavioral1
Sample
32bec158a40710d2c0aabbb77474d2d07cf8bebee15006f3938cebaa85e0f1e7.xls
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
32bec158a40710d2c0aabbb77474d2d07cf8bebee15006f3938cebaa85e0f1e7.xls
Resource
win10v2004-20221111-en
Malware Config
Extracted
http://ftp.agir-santeinternationale.com/doctors/KAacngW97n4ApzVBDdGy/
http://www.vinyz.com/admin3693/BDFFgAZ6zBRumcUSG/
http://ly.yjlianyi.top/wp-admin/NRAdJ/
http://www.muyehuayi.com/cmp/Vtm2m7z88g/
Targets
Target
32bec158a40710d2c0aabbb77474d2d07cf8bebee15006f3938cebaa85e0f1e7.xlsx
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.