General
-
Target
SecuriteInfo.com.XF.AShadow.1000.1879.868.xlsx
-
Size
36KB
-
Sample
230330-3kexqshb8v
-
MD5
7a4e8836948c50644f6d4da1e4f0ebd6
-
SHA1
f68ff24be79b0f5b9f24c15bc65d6ce2149dd5fa
-
SHA256
3daf01eebe957c2b6f087b806d24f03f4ed657d503d61eb17f1b14181fb5a8e2
-
SHA512
2e1604834f36637f877cd1ad179caa63765892be15ae7b2f50bb02a38771bb909720f42c0210b04bb42e375fc2f906f613fe6b389cefb29022a11e1bf1cd7fcd
-
SSDEEP
768:+PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJZip9z9gmhoXgk61Z/95:Cok3hbdlylKsgqopeJBWhZFGkE+cL2Nd
Behavioral task
behavioral1
Sample
SecuriteInfo.com.XF.AShadow.1000.1879.868.xls
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.XF.AShadow.1000.1879.868.xls
Resource
win10v2004-20230221-en
Malware Config
Extracted
https://markens.online/wp-data.php
Targets
-
-
Target
SecuriteInfo.com.XF.AShadow.1000.1879.868.xlsx
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-