General
-
Target
this_challenge (17).zip
-
Size
14KB
-
Sample
210302-a72jefj2zx
-
MD5
c374a65855539ca6dc323a8c75ce69a9
-
SHA1
4e13e885938de4c821faa627deb881d1c2489ec6
-
SHA256
db10af9e07b3162a0bb0dd46eaf1bbad69d76b9a5f8863a1fcb1a3c1c7b88c89
-
SHA512
16481aea59ab910cad78b262cf52d2d6a5191a46cd38b5f11e1f6e6714c780e40e09f8498f2edd2aec2711e5868133f034bfd396e587f197ada4bcf6afe79e60
Behavioral task
behavioral1
Sample
document-1226092010.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-1226092010.xls
Resource
win10v20201028
Malware Config
Extracted
http://qxloq28vhjko02eiiagg.com/mrch.gif
Targets
-
-
Target
document-1226092010.xls
-
Size
85KB
-
MD5
ff6ba02a111f999f683149f4d35da8f4
-
SHA1
f86dddf4ad1b5a365b7fbe6cebe932db12760a18
-
SHA256
fffebfa51136e887b9c461ebba0e484c998208abb431d44ce767cfb18f8b3797
-
SHA512
b8dd33f5b9ab656f5148894538565e7a832df0a499c7ddc0478b72440a9ba9a66deb3cc45a2bda26181544c47ed56f28bb4557eafea81fe370f6493813f61db9
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-