General
Target
this_trouble (13).zip
Size
14KB
Sample
210302-1az8z4pdnn
MD5
3be79206baf73751aa5b004994648d7c
SHA1
7a749dfef0e220b0e65bc8a0b78788c43853c8fb
SHA256
4916128ca8be0b65c9a19f448d84578cc626e502f2b730bd3122f63c569b482c
SHA512
af09ad1f3529e81b8298d2c6bb4eae43c4ef5c3bb69a9b03cf01d94101c43bedcdb1671790f4e9ed81e4c030c2c8b44e4d5e5c832cbce05a216a3bb3cfecfe99
Behavioral task
behavioral1
Sample
document-2107203495.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-2107203495.xls
Resource
win10v20201028
Malware Config
Extracted
http://qxloq28vhjko02eiiagg.com/mrch.gif
Targets
Target
document-2107203495.xls
Size
85KB
MD5
7d869554d4a24c08f024a2a508b12331
SHA1
294b2d552a8a45e24b1cc447ab11d9ba36a1d388
SHA256
56ac4fc8686b4235587479d25637e6a589638a35e30d8d612d1b015e277f523d
SHA512
ba1361d2be2de9242b3517a5cdaf8466ef7ceeb80e87e549e55879d20b1a198cbfb21917052ea9f0fe0cb1638fba0fb4583b00dbc343d510f4cfad2dfd40ec38
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.