General
Target
SecuriteInfo.com.XF.AShadow.1205.29880.21615.xlsx
Size
36KB
Sample
230330-3ke8hafh36
MD5
f7a5636823fa8f31ead3c2acab3fb999
SHA1
d755bc88892cfb653e6c8fb1b05637af916aa22a
SHA256
b91bd79e54b479982cc3dbe9eb1ca22b2c91595e80ffc758c06ba54eb0ee4650
SHA512
0ebcdb72dc07a9504f151d871966c0f913076d88244179f1cec61bcc11c6e18a8a45a3b50e61d78741e19a289a8ac9970c910b62de43063eeaf90cf9c19f88cd
SSDEEP
768:5PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJqy7AaZOow+wleULuY:Rok3hbdlylKsgqopeJBWhZFGkE+cL2Nb
Behavioral task
behavioral1
Sample
SecuriteInfo.com.XF.AShadow.1205.29880.21615.xls
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.XF.AShadow.1205.29880.21615.xls
Resource
win10v2004-20230220-en
Malware Config
Extracted
https://syracuse.best/wp-data.php
Targets
Target
SecuriteInfo.com.XF.AShadow.1205.29880.21615.xlsx
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.