General
-
Target
file (25).zip
-
Size
14KB
-
Sample
210302-hg394vc76s
-
MD5
aec04d684856ea5d4b80eebced85bb52
-
SHA1
423a06bb4deb2da17b39e893bb042930dca8e5a0
-
SHA256
4e590d2889ad8e5e8baf2fc4f57ce42903141218b28d9a5ebff7db9aa6620bd1
-
SHA512
97a59a9572561b7ba7fe2ac9feeeb2f7e11dde02b4380ae54126d24421fb7ed55bc6c51c62f4de203b3293a20c8772b850d58dd3dc23d4c3d0a15456c3d92e72
Behavioral task
behavioral1
Sample
document-682448711.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-682448711.xls
Resource
win10v20201028
Malware Config
Extracted
http://kfzhm28pwzrlk02bmjy.com/mrch.gif
Targets
Target
document-682448711.xls
-
Size
85KB
-
MD5
4bfd284e3081e30bd03f1bcce136620a
-
SHA1
2597ec2e8ad786504259d6702f8f0bfbc7bf29a0
-
SHA256
f2922f4bd36c24f3ac4f4a623382babfcd9644c17432364ab4ad42b01618d48e
-
SHA512
5f9acbcc6656397634da3cb562e52b06170502f857b7a7717a37138c566ab5d7194b6b1491d4af3bf9406d425fcb5263ac9fd200e099718f6d66212f892bc300
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.