General
-
Target
ed87b60d77096d0eab29e895bfe5f092503535dd3ec56d96dc16948a67dc5cc5.xlsx
-
Size
217KB
-
Sample
230211-ctltjaea72
-
MD5
cb5a66c49fdb3439090161e6cb0dc0a8
-
SHA1
a2ae194d202a1eb0cce7952f9c18d7c0ce01baf8
-
SHA256
ed87b60d77096d0eab29e895bfe5f092503535dd3ec56d96dc16948a67dc5cc5
-
SHA512
977f14ec194c215f9f6a0c8995bfa08216c66b87b6e99f2cf8fc6af4b83b0d83902709650dd259dbde28c232913044f14937d18889a2ea1a54cca0a2ac9b1067
-
SSDEEP
6144:HKpb8rGYrMPe3q7Q0XV5xtuEsi8/dgByY+TAQXTHGUMEyP5p6f5jQmH:BbGUMVWlbH
Behavioral task
behavioral1
Sample
ed87b60d77096d0eab29e895bfe5f092503535dd3ec56d96dc16948a67dc5cc5.xls
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
ed87b60d77096d0eab29e895bfe5f092503535dd3ec56d96dc16948a67dc5cc5.xls
Resource
win10v2004-20220812-en
Malware Config
Extracted
http://ftp.agir-santeinternationale.com/doctors/KAacngW97n4ApzVBDdGy/
http://www.vinyz.com/admin3693/BDFFgAZ6zBRumcUSG/
http://ly.yjlianyi.top/wp-admin/NRAdJ/
http://www.muyehuayi.com/cmp/Vtm2m7z88g/
Targets
-
-
Target
ed87b60d77096d0eab29e895bfe5f092503535dd3ec56d96dc16948a67dc5cc5.xlsx
-
Size
217KB
-
MD5
cb5a66c49fdb3439090161e6cb0dc0a8
-
SHA1
a2ae194d202a1eb0cce7952f9c18d7c0ce01baf8
-
SHA256
ed87b60d77096d0eab29e895bfe5f092503535dd3ec56d96dc16948a67dc5cc5
-
SHA512
977f14ec194c215f9f6a0c8995bfa08216c66b87b6e99f2cf8fc6af4b83b0d83902709650dd259dbde28c232913044f14937d18889a2ea1a54cca0a2ac9b1067
-
SSDEEP
6144:HKpb8rGYrMPe3q7Q0XV5xtuEsi8/dgByY+TAQXTHGUMEyP5p6f5jQmH:BbGUMVWlbH
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-