General
-
Target
SecuriteInfo.com.Heur.Macro.Generic.h.4bdfa2fa.9877
-
Size
172KB
-
Sample
200630-n4h5myr3ks
-
MD5
ac016bd363b76505c4b5f55fa92bf343
-
SHA1
245a98cac3ab0bb615aa265c2774e34c1fcf2bd3
-
SHA256
95bd7a62ced0c80358c8e3fd12bb8acb9aecea2b35fa43e7a343cb38ae233e5f
-
SHA512
812ed62c7379e690f3e9af0cde79d1e38e5ed0971f98f0662584ea885e03bc8b36e31dfc7c54a2be2f5989605ff59e6d53a4e4b7f875fff0f8ac9dc40bdbb7c2
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Heur.Macro.Generic.h.4bdfa2fa.9877.xls
Resource
win7
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Heur.Macro.Generic.h.4bdfa2fa.9877.xls
Resource
win10v200430
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Heur.Macro.Generic.h.4bdfa2fa.9877
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blacklisted process makes network request
-
Use of msiexec (install) with remote resource
-