General
-
Target
a9c2f27b0666affc9f3cb78b5d662606cd0cb1be1c1dafd2c260ae229953b7c0.xlsx
-
Size
218KB
-
Sample
230211-ctltjaea73
-
MD5
8fbaa780c9336ea8887d8949ed114799
-
SHA1
726c148c897365be9f482d0dc1fcad6929461acc
-
SHA256
a9c2f27b0666affc9f3cb78b5d662606cd0cb1be1c1dafd2c260ae229953b7c0
-
SHA512
53dd882d04aaeded21d57856e9940ad71ce71c409c45d27a8ece5b72e13f5f52386bef984c83edcea62df772ecfba59fcf7729bdb944a4a3d209ba20430353d5
-
SSDEEP
6144:ik3hOdsylKlgxopeiBNhZF+E+W2kdALyY+TAQXTHGUMEyP5p6f5jQmqi:PbGUMVWlbqi
Behavioral task
behavioral1
Sample
a9c2f27b0666affc9f3cb78b5d662606cd0cb1be1c1dafd2c260ae229953b7c0.xls
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
a9c2f27b0666affc9f3cb78b5d662606cd0cb1be1c1dafd2c260ae229953b7c0.xls
Resource
win10v2004-20220812-en
Malware Config
Extracted
http://ftp.agir-santeinternationale.com/doctors/KAacngW97n4ApzVBDdGy/
http://www.vinyz.com/admin3693/BDFFgAZ6zBRumcUSG/
http://ly.yjlianyi.top/wp-admin/NRAdJ/
http://www.muyehuayi.com/cmp/Vtm2m7z88g/
Targets
Target
a9c2f27b0666affc9f3cb78b5d662606cd0cb1be1c1dafd2c260ae229953b7c0.xlsx
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.