General
-
Target
attached-25.zip
-
Size
14KB
-
Sample
210302-ay81224bds
-
MD5
1be5ca0b25c10b07ae948aac6223278d
-
SHA1
2f9437bc566f39fab978513b54d121d58a6ef18b
-
SHA256
8bfd6da153f43e819ed278b72ab71cbe9bb6f6f12a3d83372db44040d437e601
-
SHA512
76e16301a5a27e49727e1342ed3345359852576e56230d14419535b6d51a48df4216fc035fdf2733f73413eac3d4fe146edceb7f85a7083a5cce24c1f820147b
Behavioral task
behavioral1
Sample
document-680008354.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-680008354.xls
Resource
win10v20201028
Malware Config
Extracted
http://ugrl28bxsnh02kohk.com/mrch.gif
Targets
-
-
Target
document-680008354.xls
-
Size
85KB
-
MD5
6cafc4b93a4c66581441b5600cc5966d
-
SHA1
ec60a23a49f04ae580e8efec984af57ef418df55
-
SHA256
b136a63d91105af8f36bd2548e6fecf275a0ace8bbe79f2c621efde9239abafc
-
SHA512
a59fc98b8b086104411a07040729f7472b7965a8e7a622dd69907b4d109200c1c6c985f5cfbc3ffb523d6f139df23f77ab3e6b81343c8721a9f7078e6d444cfc
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-