General
Target
SecuriteInfo.com.XF.AShadow.1000.21414.4259.xlsx
Size
36KB
Sample
230330-3jtz9sfh33
MD5
3f57a4bc544d99554cc22bf2830d382f
SHA1
e8b44bdc89d0d01711674e8d29fa2b1c0854d013
SHA256
b91b0dd75b082180cbe8635b05a98410233831b5faae5168aee8f9299b5484fd
SHA512
7753bcf2d7b3591034dd8cc943b1478c34f99693ac1a3e704d3e2a676b73a57c74cbc26f047783a68a83e0ba7890c25df5c0a14e5bc91bce5a4e0e8cbd06f968
SSDEEP
768:0PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJ273+1pPcLHCT+3v0Lg+:wok3hbdlylKsgqopeJBWhZFGkE+cL2NY
Behavioral task
behavioral1
Sample
SecuriteInfo.com.XF.AShadow.1000.21414.4259.xls
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.XF.AShadow.1000.21414.4259.xls
Resource
win10v2004-20230220-en
Malware Config
Extracted
https://markens.online/wp-data.php
https://statedauto.com/wp-data.php
Targets
Target
SecuriteInfo.com.XF.AShadow.1000.21414.4259.xlsx
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.