General
-
Target
55500673338314.xls
-
Size
129KB
-
Sample
230630-pymylscb85
-
MD5
e695d8c6c6db341f12701b4d18dd0d19
-
SHA1
c73f399a25902d8d935e8b6b857ba9203c8536fe
-
SHA256
59cb2552a34b231acb92fcee121b13d662ca7f0049a70aae86fe312270f548e5
-
SHA512
605ba80a24c02cd34763177f1e99d0b74dd6a291623f1433f8f38cf357bd9ab5516c884ee569a5b0ffbc3bdc7645b8274a3428f3fb0f768d5be2a2f4ceaeacb0
-
SSDEEP
3072:Wuk3hbdlylKsgqopeJBWhZFGkE+cL2NdAxEvN8B/W6X1yxYovrepMUdQ6gSz4i:Fk3hbdlylKsgqopeJBWhZFVE+W2NdAmv
Behavioral task
behavioral1
Sample
55500673338314.xls
Resource
win7-20230621-en
Behavioral task
behavioral2
Sample
55500673338314.xls
Resource
win10v2004-20230621-en
Malware Config
Extracted
http://185.7.214.7/cc.html
Targets
-
-
Target
55500673338314.xls
-
Size
129KB
-
MD5
e695d8c6c6db341f12701b4d18dd0d19
-
SHA1
c73f399a25902d8d935e8b6b857ba9203c8536fe
-
SHA256
59cb2552a34b231acb92fcee121b13d662ca7f0049a70aae86fe312270f548e5
-
SHA512
605ba80a24c02cd34763177f1e99d0b74dd6a291623f1433f8f38cf357bd9ab5516c884ee569a5b0ffbc3bdc7645b8274a3428f3fb0f768d5be2a2f4ceaeacb0
-
SSDEEP
3072:Wuk3hbdlylKsgqopeJBWhZFGkE+cL2NdAxEvN8B/W6X1yxYovrepMUdQ6gSz4i:Fk3hbdlylKsgqopeJBWhZFVE+W2NdAmv
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-