General
-
Target
document-1859035960.xls
-
Size
85KB
-
Sample
210302-edks6rsen6
-
MD5
df930b0eb5f6538a38ee6e085c3052e2
-
SHA1
d69e1330b5736741f7133ae5cb07ce14e9fa2b5b
-
SHA256
4656121847b15209ebc9f66f0935524de4525195aa6d78e322b88402a5b9a298
-
SHA512
4d980ccaad716d1b9d7c66eed90b94d4b9852e9fc124cc07dd40620e94df8c4ab3c577d7e5da248c39ae2fa5362d0fc8bda32f88d2d46233cf5096684848d04d
Behavioral task
behavioral1
Sample
document-1859035960.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-1859035960.xls
Resource
win10v20201028
Malware Config
Extracted
http://ugrl28bxsnh02kohk.com/mrch.gif
Targets
-
-
Target
document-1859035960.xls
-
Size
85KB
-
MD5
df930b0eb5f6538a38ee6e085c3052e2
-
SHA1
d69e1330b5736741f7133ae5cb07ce14e9fa2b5b
-
SHA256
4656121847b15209ebc9f66f0935524de4525195aa6d78e322b88402a5b9a298
-
SHA512
4d980ccaad716d1b9d7c66eed90b94d4b9852e9fc124cc07dd40620e94df8c4ab3c577d7e5da248c39ae2fa5362d0fc8bda32f88d2d46233cf5096684848d04d
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-