General
-
Target
SecuriteInfo.com.XF.AShadow.1205.24655.10395.xlsx
-
Size
35KB
-
Sample
230330-3ke8hafh35
-
MD5
dab402a1ceff08ec01fd4b7e7c25c5a2
-
SHA1
a4c2395af6716e5ff7e8db3b59bbcdef336f015d
-
SHA256
2d925c92357e7b3b64f9bc2e7a3bcf7789954ff0985b85a69ba5994c137c8476
-
SHA512
c737260d4654b4fa4c53c88b89cad82b76d5ba469e3491de5d717366d761df818a70e65bb5ff886f24451f943afd3f2c5420432fdb21579918a540df701e17d5
-
SSDEEP
768:nPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJ0AkyQpJxDpwcdEL/9su:Pok3hbdlylKsgqopeJBWhZFGkE+cL2N0
Behavioral task
behavioral1
Sample
SecuriteInfo.com.XF.AShadow.1205.24655.10395.xls
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.XF.AShadow.1205.24655.10395.xls
Resource
win10v2004-20230220-en
Malware Config
Extracted
https://syracuse.best/wp-data.php
https://skill.fashion/wp-data.php
Targets
-
-
Target
SecuriteInfo.com.XF.AShadow.1205.24655.10395.xlsx
-
Size
35KB
-
MD5
dab402a1ceff08ec01fd4b7e7c25c5a2
-
SHA1
a4c2395af6716e5ff7e8db3b59bbcdef336f015d
-
SHA256
2d925c92357e7b3b64f9bc2e7a3bcf7789954ff0985b85a69ba5994c137c8476
-
SHA512
c737260d4654b4fa4c53c88b89cad82b76d5ba469e3491de5d717366d761df818a70e65bb5ff886f24451f943afd3f2c5420432fdb21579918a540df701e17d5
-
SSDEEP
768:nPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJ0AkyQpJxDpwcdEL/9su:Pok3hbdlylKsgqopeJBWhZFGkE+cL2N0
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-