General
-
Target
978905601.xls
-
Size
172KB
-
Sample
200630-1r7v8rvjya
-
MD5
2a6b788cb122676d3890312e754bfc90
-
SHA1
5744f5012d120edd79f1bb1ed0272b28712127e4
-
SHA256
0018a5d18456d36582b1020be78a055c9c126a8036c618ea956faf722d995bb2
-
SHA512
39a0f085979668395beb3d7a23144cbfeba6c849586bc7a4c5759dc455f3964877ea57795df19bf560a4c9a03a283f0671d656888c8969f8cb7ac58e84cc12a5
Static task
static1
Behavioral task
behavioral1
Sample
978905601.xls
Resource
win7v200430
Behavioral task
behavioral2
Sample
978905601.xls
Resource
win10
Malware Config
Targets
-
-
Target
978905601.xls
-
Size
172KB
-
MD5
2a6b788cb122676d3890312e754bfc90
-
SHA1
5744f5012d120edd79f1bb1ed0272b28712127e4
-
SHA256
0018a5d18456d36582b1020be78a055c9c126a8036c618ea956faf722d995bb2
-
SHA512
39a0f085979668395beb3d7a23144cbfeba6c849586bc7a4c5759dc455f3964877ea57795df19bf560a4c9a03a283f0671d656888c8969f8cb7ac58e84cc12a5
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blacklisted process makes network request
-
Executes dropped EXE
-
Use of msiexec (install) with remote resource
-
Enumerates connected drives
-