General
-
Target
compta_breizh.xls
-
Size
580KB
-
Sample
230317-2pt2sacc9y
-
MD5
1149360d266ca100ff6a7ce2a8414d53
-
SHA1
ff87dbe2730be9fb594a337e857b5f5c235e2005
-
SHA256
27a6ab7e03075bcc4873b52d67d83d2e61067282c8d4376d8a1778eda385b68a
-
SHA512
e885178f839dfbc5e7fc4012bce4a5d646d4c287841a76bf19fbdb51cc688cb3c51a724ffdfab0269f628d5364a6a1680284b9bb3f63e049f44132168f2e76e9
-
SSDEEP
6144:Ik3hbdlylKsgqopeJBWhZFVEUr3M/sItOd/AIIuY3/RsxRIA2e6FngrNv8zKCq/i:jY3ecALrquDK
Behavioral task
behavioral1
Sample
compta_breizh.xls
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
compta_breizh.xls
Resource
win10v2004-20230220-en
Malware Config
Extracted
https://transfer.sh/get
Targets
-
-
Target
compta_breizh.xls
-
Size
580KB
-
MD5
1149360d266ca100ff6a7ce2a8414d53
-
SHA1
ff87dbe2730be9fb594a337e857b5f5c235e2005
-
SHA256
27a6ab7e03075bcc4873b52d67d83d2e61067282c8d4376d8a1778eda385b68a
-
SHA512
e885178f839dfbc5e7fc4012bce4a5d646d4c287841a76bf19fbdb51cc688cb3c51a724ffdfab0269f628d5364a6a1680284b9bb3f63e049f44132168f2e76e9
-
SSDEEP
6144:Ik3hbdlylKsgqopeJBWhZFVEUr3M/sItOd/AIIuY3/RsxRIA2e6FngrNv8zKCq/i:jY3ecALrquDK
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-