General
-
Target
SecuriteInfo.com.VBA.SCrypted.1.Gen.8935.3891
-
Size
97KB
-
Sample
200630-slr1pnxn4s
-
MD5
340e15c9ee5ae17758bb2e4a7890c0c0
-
SHA1
7bd2df48ad16fe08db23700ab57e781048f9bc76
-
SHA256
894bd85e8489f2ceeb14a9cd0c0b028d9749db622ad3bc68ccfc33323a92bd17
-
SHA512
b93846e9dffea0449e4a1f441aa4956da9220c41d2564838e0ac95c4a0a6878dfdf0163087a42834e2edd59751c9097e3bd0834d06405060db3a1ab68a33ada6
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.VBA.SCrypted.1.Gen.8935.3891.rtf
Resource
win7
Behavioral task
behavioral2
Sample
SecuriteInfo.com.VBA.SCrypted.1.Gen.8935.3891.rtf
Resource
win10v200430
Malware Config
Extracted
http://185.208.211.67/scorp/Class.sfx.exe
Targets
-
-
Target
SecuriteInfo.com.VBA.SCrypted.1.Gen.8935.3891
-
Size
97KB
-
MD5
340e15c9ee5ae17758bb2e4a7890c0c0
-
SHA1
7bd2df48ad16fe08db23700ab57e781048f9bc76
-
SHA256
894bd85e8489f2ceeb14a9cd0c0b028d9749db622ad3bc68ccfc33323a92bd17
-
SHA512
b93846e9dffea0449e4a1f441aa4956da9220c41d2564838e0ac95c4a0a6878dfdf0163087a42834e2edd59751c9097e3bd0834d06405060db3a1ab68a33ada6
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blacklisted process makes network request
-