General
-
Target
document-1955896638.xls
-
Size
85KB
-
Sample
210302-1lphqmv2px
-
MD5
66e5e724f99a77455e36bca858366e5b
-
SHA1
aad43897bccde3be594cf89863341050b6eed55a
-
SHA256
16a0c2f741a14c423b7abe293e26f711fdb984fc52064982d874bf310c520b12
-
SHA512
e96dd67971cd9e55d37278e65f59060a1f708dc2d841d6aae02bc5440a3c99dc5fcfbebc98b68fea928b4df52ca59679d03af1dca06c553a2fe68a884b056571
Behavioral task
behavioral1
Sample
document-1955896638.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-1955896638.xls
Resource
win10v20201028
Malware Config
Extracted
http://kfzhm28pwzrlk02bmjy.com/mrch.gif
Targets
-
-
Target
document-1955896638.xls
-
Size
85KB
-
MD5
66e5e724f99a77455e36bca858366e5b
-
SHA1
aad43897bccde3be594cf89863341050b6eed55a
-
SHA256
16a0c2f741a14c423b7abe293e26f711fdb984fc52064982d874bf310c520b12
-
SHA512
e96dd67971cd9e55d37278e65f59060a1f708dc2d841d6aae02bc5440a3c99dc5fcfbebc98b68fea928b4df52ca59679d03af1dca06c553a2fe68a884b056571
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-