General
-
Target
f8136a20dbec93a03aaebaf7d36ff199.bin
-
Size
1.1MB
-
Sample
241114-ceb1saskgv
-
MD5
07019677f3c6b6d3bd73d5e8bbbfd8e7
-
SHA1
c70f5683dddea0d0f52e73007d86ec5e2728c6d3
-
SHA256
a817dfdce631969b109d59bb4f23ead01218c275f94dc04a11151cd9027f2333
-
SHA512
bca0064049ffc5d6074ae6a10584774c45a7a19545d6f9350bd024b9c7a236027cab79ccf778ca9ab8680aa05d5b3b9c8f31a5d9cca499458ae96d5f91bc2b96
-
SSDEEP
24576:kxdDqO2USmndp2wO5az8yb5uv9qGJbeVr+YwO7AdZEvGH:MDG2nSw9z8y9ulBsh+0xGH
Static task
static1
Behavioral task
behavioral1
Sample
544e3a275c258b90d8cda8be36b057e75451b4901d4663082db9f97419cd5a4a.xls
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
544e3a275c258b90d8cda8be36b057e75451b4901d4663082db9f97419cd5a4a.xls
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
544e3a275c258b90d8cda8be36b057e75451b4901d4663082db9f97419cd5a4a.xls
-
Size
1.1MB
-
MD5
f8136a20dbec93a03aaebaf7d36ff199
-
SHA1
be5e9c920b7e3c61b0b7779c6de6bc28d9aab2d3
-
SHA256
544e3a275c258b90d8cda8be36b057e75451b4901d4663082db9f97419cd5a4a
-
SHA512
f2d85f7ddcda4704ca2b057f94386772f4951b0e9b7fe015d9ee39d017267007080dc1f95857182045438f7fc7dac16098e6710611f3c409921b186c3200446c
-
SSDEEP
24576:aq9PLiijE2Z5Z2am82/gY/tMJE8F84LJQodsG4HD+zBVc:aEPLiij7Z5ZK8Qg8tMpFjLJQod94SP
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Evasion via Device Credential Deployment
-
Drops file in System32 directory
-