General
-
Target
ballfin,file,08.11.22.doc
-
Size
2.2MB
-
Sample
220811-t1yv4sbgh9
-
MD5
75d17f46accbe980e1deb28dd7513085
-
SHA1
6ae88b35e85f6fbb55584893f696f859dccfedc2
-
SHA256
4f479dc5b981aadc01b1f245d8694b1ad043247f04148bbb78a86c8ed530b777
-
SHA512
e9959f74b0c4cb34c1167eb622fbdd8ae8bbeb808ca8d6680bc82f22c9d0566b6dac30b1376837fd54a4b21bac7af414bccc90e849ec32b2f78564d98bf5674f
Static task
static1
Behavioral task
behavioral1
Sample
ballfin,file,08.11.22.docm
Resource
win7-20220715-en
Behavioral task
behavioral2
Sample
ballfin,file,08.11.22.docm
Resource
win10v2004-20220721-en
Malware Config
Targets
-
-
Target
ballfin,file,08.11.22.doc
-
Size
2.2MB
-
MD5
75d17f46accbe980e1deb28dd7513085
-
SHA1
6ae88b35e85f6fbb55584893f696f859dccfedc2
-
SHA256
4f479dc5b981aadc01b1f245d8694b1ad043247f04148bbb78a86c8ed530b777
-
SHA512
e9959f74b0c4cb34c1167eb622fbdd8ae8bbeb808ca8d6680bc82f22c9d0566b6dac30b1376837fd54a4b21bac7af414bccc90e849ec32b2f78564d98bf5674f
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-