General
-
Target
434b81fd41ad827df4f81983828f43234278ccff8e5b13955200842d3a293ec0.xlsx
-
Size
217KB
-
Sample
230211-ctlhrsdd5x
-
MD5
0f91ec3735820b2bb1bf5b08716c4edb
-
SHA1
91681fbec7a9e3aebf825cbc0034eb0777761783
-
SHA256
434b81fd41ad827df4f81983828f43234278ccff8e5b13955200842d3a293ec0
-
SHA512
99afb68db028567cfc0cad59d2d3ff4feffc4a3480c65d2200da2432f2b1df066187bbecc529bb45f88d2fc854d30b735850f34fefb0710f1eba9f0f559afefc
-
SSDEEP
6144:HKpb8rGYrMPe3q7Q0XV5xtuEsi8/dgByY+TAQXTHGUMEyP5p6f5jQmo:BbGUMVWlbo
Behavioral task
behavioral1
Sample
434b81fd41ad827df4f81983828f43234278ccff8e5b13955200842d3a293ec0.xls
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
434b81fd41ad827df4f81983828f43234278ccff8e5b13955200842d3a293ec0.xls
Resource
win10v2004-20220812-en
Malware Config
Extracted
http://ftp.agir-santeinternationale.com/doctors/KAacngW97n4ApzVBDdGy/
http://www.vinyz.com/admin3693/BDFFgAZ6zBRumcUSG/
http://ly.yjlianyi.top/wp-admin/NRAdJ/
http://www.muyehuayi.com/cmp/Vtm2m7z88g/
Targets
Target
434b81fd41ad827df4f81983828f43234278ccff8e5b13955200842d3a293ec0.xlsx
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.