General
-
Target
b0b1e8b09fc00ac787f4af167c3bddc3
-
Size
35KB
-
Sample
240303-3tbxfacf95
-
MD5
b0b1e8b09fc00ac787f4af167c3bddc3
-
SHA1
b1b6325c96c0d2664a71525242f63d0e125f7d30
-
SHA256
b4251120577d1024148345700f001c146947d40d5b747dfafb0504ff44500453
-
SHA512
5f1b9dd9715e8829ce6cca7f260d6b35bf6a59ff75a1d8a3480dfe9ea5ec1c43a6a3e7b445ecc04995ae1ad5f9d3a8d32f7093054b911f56d4ac641f83f9df43
-
SSDEEP
768:fPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJnCEfjDFIJWdcVBZAVmOUzg0:Xok3hbdlylKsgqopeJBWhZFGkE+cL2Nz
Behavioral task
behavioral1
Sample
b0b1e8b09fc00ac787f4af167c3bddc3.xls
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b0b1e8b09fc00ac787f4af167c3bddc3.xls
Resource
win10v2004-20240226-en
Malware Config
Extracted
https://syracuse.best/wp-data.php
Targets
-
-
Target
b0b1e8b09fc00ac787f4af167c3bddc3
-
Size
35KB
-
MD5
b0b1e8b09fc00ac787f4af167c3bddc3
-
SHA1
b1b6325c96c0d2664a71525242f63d0e125f7d30
-
SHA256
b4251120577d1024148345700f001c146947d40d5b747dfafb0504ff44500453
-
SHA512
5f1b9dd9715e8829ce6cca7f260d6b35bf6a59ff75a1d8a3480dfe9ea5ec1c43a6a3e7b445ecc04995ae1ad5f9d3a8d32f7093054b911f56d4ac641f83f9df43
-
SSDEEP
768:fPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJnCEfjDFIJWdcVBZAVmOUzg0:Xok3hbdlylKsgqopeJBWhZFGkE+cL2Nz
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-