General
-
Target
PURCHASEORDER....xls
-
Size
1.5MB
-
Sample
230324-hd3p1aeg7x
-
MD5
2c27d6fe88c0546e5de604ce50e3a83c
-
SHA1
3a68164d3171b661f4ed5dafbcd5e73812fd42fc
-
SHA256
e95ba35b4f674a525cbe1a09935db84ea766bad5257486c5ace7dc892e7e9baa
-
SHA512
65d5d7f8b89f688ebc4248ae985f169f4191c6a88189e8788ef285fbdabf6fbbe2424296543dd9b23f37775ea87d667006a05cdd632b5324a9bca883db956e94
-
SSDEEP
24576:52Tbq8KPsUGRoG1t6EWOEMhpaMNzl8raUtGCn113y4RzuCr2izm/EcUAbFNLGeue:Ev5K/G3v6EWxNMNzlMRtGCn113y4RaCY
Behavioral task
behavioral1
Sample
PURCHASEORDER....xls
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
PURCHASEORDER....xls
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
PURCHASEORDER....xls
-
Size
1.5MB
-
MD5
2c27d6fe88c0546e5de604ce50e3a83c
-
SHA1
3a68164d3171b661f4ed5dafbcd5e73812fd42fc
-
SHA256
e95ba35b4f674a525cbe1a09935db84ea766bad5257486c5ace7dc892e7e9baa
-
SHA512
65d5d7f8b89f688ebc4248ae985f169f4191c6a88189e8788ef285fbdabf6fbbe2424296543dd9b23f37775ea87d667006a05cdd632b5324a9bca883db956e94
-
SSDEEP
24576:52Tbq8KPsUGRoG1t6EWOEMhpaMNzl8raUtGCn113y4RzuCr2izm/EcUAbFNLGeue:Ev5K/G3v6EWxNMNzlMRtGCn113y4RaCY
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-