General
-
Target
document-1443024301.xls
-
Size
85KB
-
Sample
210302-263f6kky7a
-
MD5
5cdc79a8aeebd4c087cbd2980afc0ccd
-
SHA1
2ac1663aa15e0a91a5658f16b8d4647b243f54f9
-
SHA256
c7d7d034ef4ad845ffa4544716fe1fad999b438b4705658c14555b765045642a
-
SHA512
a76fe01b08d8e441326e4d915ba4b4e1fe3b2f7af7bbff23f1e9485caf4017a63e9ed2c9c3e64a6fd3120e5a5bf840bb311a8e513562bc0d9119db07c9faf9cb
Behavioral task
behavioral1
Sample
document-1443024301.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-1443024301.xls
Resource
win10v20201028
Malware Config
Extracted
http://ugrl28bxsnh02kohk.com/mrch.gif
Targets
-
-
Target
document-1443024301.xls
-
Size
85KB
-
MD5
5cdc79a8aeebd4c087cbd2980afc0ccd
-
SHA1
2ac1663aa15e0a91a5658f16b8d4647b243f54f9
-
SHA256
c7d7d034ef4ad845ffa4544716fe1fad999b438b4705658c14555b765045642a
-
SHA512
a76fe01b08d8e441326e4d915ba4b4e1fe3b2f7af7bbff23f1e9485caf4017a63e9ed2c9c3e64a6fd3120e5a5bf840bb311a8e513562bc0d9119db07c9faf9cb
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-