General
-
Target
bad.xls
-
Size
88KB
-
Sample
230608-gxte1ade2y
-
MD5
f459c6371551ea34ccd02ab0c4121953
-
SHA1
b247164d5bd3219d44a7ba6258472cc5701174ae
-
SHA256
ed4da666f5dba2a162c5803de8d5daa13ab64cef6242295e099049dddeda5187
-
SHA512
9d3558b4a59e0662d7ee2c3fbc1c898fd010453b4d2e39e90985a4f7f008b9291de438c2304d1d5bbed8ee8adca4d722af3a930ef6abf955774c82211cf61a56
-
SSDEEP
1536:w2cKoSsxz1PDZLDZjlbR868O8Kfc03F7uDphYHceXVhca+fMHLtyeGx2zZ8dIOik:w2cKoSsxzNDZLDZjlbR868O8Kfc03F7a
Behavioral task
behavioral1
Sample
bad.xls
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
bad.xls
Resource
win10v2004-20230220-en
Malware Config
Extracted
http://ghtyrncjf2df.com/fb26.gif
Targets
-
-
Target
bad.xls
-
Size
88KB
-
MD5
f459c6371551ea34ccd02ab0c4121953
-
SHA1
b247164d5bd3219d44a7ba6258472cc5701174ae
-
SHA256
ed4da666f5dba2a162c5803de8d5daa13ab64cef6242295e099049dddeda5187
-
SHA512
9d3558b4a59e0662d7ee2c3fbc1c898fd010453b4d2e39e90985a4f7f008b9291de438c2304d1d5bbed8ee8adca4d722af3a930ef6abf955774c82211cf61a56
-
SSDEEP
1536:w2cKoSsxz1PDZLDZjlbR868O8Kfc03F7uDphYHceXVhca+fMHLtyeGx2zZ8dIOik:w2cKoSsxzNDZLDZjlbR868O8Kfc03F7a
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-