General
-
Target
e7f800ea895ba59a6f2dd486c4b04287
-
Size
186KB
-
Sample
231220-tzhshaecc6
-
MD5
e7f800ea895ba59a6f2dd486c4b04287
-
SHA1
bdca0cc93e4733dc4926cd7f85a410293d39d2bb
-
SHA256
c07af723990a19cc946a35efca0b6035129a74b0b9a62462261b164fb591e628
-
SHA512
850b89777089051417f65a56df5bc0363e6d97ac868f288ee722176f60d4c85716ec92e7ffcc6275541b7492232b71f9842098c50ec1bb0bcfd3e194a1e3aafb
-
SSDEEP
3072:7cXnM5Dpq6tgBh1fCbX4nhQc+fhwt1YtnGygiB5tpKdAjcS7A:7k4E9NfCbX4nSFhmLc5IGs
Behavioral task
behavioral1
Sample
e7f800ea895ba59a6f2dd486c4b04287.xlsm
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
e7f800ea895ba59a6f2dd486c4b04287.xlsm
Resource
win10v2004-20231215-en
Malware Config
Extracted
https://drive.imaarif.com/logs.php
Targets
Score 10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Process spawned suspicious child process
This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
-