General
-
Target
SecuriteInfo.com.XF.AShadow.1205.5155.21550.xlsx
-
Size
36KB
-
Sample
230330-3ke8hafh37
-
MD5
754c2720bc293a551469a1119707d3b4
-
SHA1
355629dd7b1a25fc12264b530be5c456d30a9ef7
-
SHA256
934ebca653ff2a2f5b8d56536e90f90f353bb18c761cc5ca82fb72efe7cd4d93
-
SHA512
9451d651675a1a58fadebb45e6325d56eb619067153ab0cc777b29ab27b989cf886ccfdc084c7bbd1caf6646ab853c81006441b59127e7476dfe035cbf9f34dd
-
SSDEEP
768:xPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJxIE8cBImXmtG:5ok3hbdlylKsgqopeJBWhZFGkE+cL2NU
Behavioral task
behavioral1
Sample
SecuriteInfo.com.XF.AShadow.1205.5155.21550.xls
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.XF.AShadow.1205.5155.21550.xls
Resource
win10v2004-20230220-en
Malware Config
Extracted
https://skill.fashion/wp-data.php
https://syracuse.best/wp-data.php
Targets
-
-
Target
SecuriteInfo.com.XF.AShadow.1205.5155.21550.xlsx
-
Size
36KB
-
MD5
754c2720bc293a551469a1119707d3b4
-
SHA1
355629dd7b1a25fc12264b530be5c456d30a9ef7
-
SHA256
934ebca653ff2a2f5b8d56536e90f90f353bb18c761cc5ca82fb72efe7cd4d93
-
SHA512
9451d651675a1a58fadebb45e6325d56eb619067153ab0cc777b29ab27b989cf886ccfdc084c7bbd1caf6646ab853c81006441b59127e7476dfe035cbf9f34dd
-
SSDEEP
768:xPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJxIE8cBImXmtG:5ok3hbdlylKsgqopeJBWhZFGkE+cL2NU
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-