General
Target: SecuriteInfo.com.XF.AShadow.1205.3053.20328.xlsx
Size: 35KB
Sample: 230330-3kexqsfh34
MD5: 379146831e96c4374f3d05db46d978b2
SHA1: 9e7d1e8042810ee3b691ee307caed7dd5fd0577d
SHA256: 3a27df27123dfe41e25bfbbabd52dc78fd6a7dd9c569dd4464a60eca621623e1
SHA512: 618ea4e74f8385ddf402314bd1d6fa5ea134bd1dcccf168c39f4dd2b5a07f52f20cbcd8de70d486790c242974f579217f07f01c71c07ec178fcf358e27d4c466
SSDEEP: 768:TPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJ9dfPj5jlinfeoqMi9gZ:Lok3hbdlylKsgqopeJBWhZFGkE+cL2NV
Behavioral task: behavioral1
Sample: SecuriteInfo.com.XF.AShadow.1205.3053.20328.xls
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: SecuriteInfo.com.XF.AShadow.1205.3053.20328.xls
Resource: win10v2004-20230220-en
Malware Config
Extracted
https://skill.fashion/wp-data.php
https://syracuse.best/wp-data.php
Targets
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.