General
-
Target
5897565916579xlsm.xlsm
-
Size
118KB
-
Sample
230701-hjsf8afg89
-
MD5
c930ab7f69ffa197bf8149c9038eebfc
-
SHA1
0438b6bed41413f8dcd5f9e95416f5dcab034173
-
SHA256
769ecd4d91e53cc734ede1b06a3935096e838020e44061032964dd769dda3968
-
SHA512
4d226575d5683d6acc853a87dcff2c518c4c57c59057420d610fb56c8d33cda87311e0ca28da95ab8de8cf78e837dfa9a39387a12b87151f2f5e06a5df94203b
-
SSDEEP
3072:bKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgMbyVEdBU6hubsll6UQjvxG:bKpb8rGYrMPe3q7Q0XV5xtuEsi8/dgWX
Behavioral task
behavioral1
Sample
5897565916579xlsm.xls
Resource
win7-20230621-en
Behavioral task
behavioral2
Sample
5897565916579xlsm.xls
Resource
win10v2004-20230621-en
Malware Config
Extracted
http://www.cuneytkocas.com/wp-content/VSnofpES1wO2CcVob/
http://towardsun.net/admin/BYGGkrYAnT/
http://k-antiques.jp/wp-includes/SCYdA6TLohYk2/
Targets
-
-
Target
5897565916579xlsm.xlsm
-
Size
118KB
-
MD5
c930ab7f69ffa197bf8149c9038eebfc
-
SHA1
0438b6bed41413f8dcd5f9e95416f5dcab034173
-
SHA256
769ecd4d91e53cc734ede1b06a3935096e838020e44061032964dd769dda3968
-
SHA512
4d226575d5683d6acc853a87dcff2c518c4c57c59057420d610fb56c8d33cda87311e0ca28da95ab8de8cf78e837dfa9a39387a12b87151f2f5e06a5df94203b
-
SSDEEP
3072:bKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgMbyVEdBU6hubsll6UQjvxG:bKpb8rGYrMPe3q7Q0XV5xtuEsi8/dgWX
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-