General
-
Target
attached (15).zip
-
Size
14KB
-
Sample
210302-tkyb18c6nx
-
MD5
4cca3412d703e539f040b36a336bd8fb
-
SHA1
6d3d68e6ef07d189616ade7d9cd84116e903d116
-
SHA256
19f0a4a252ad697e568216701a03d2f8b1dd0040c37f8032061339bc43d8308d
-
SHA512
14d0712c862f05b7d026eaeb85778a7de7cf721604788fe95a32f971f1e2b06b62dcd766f3c02df0b0f028eea35f0f485b18b3c91a8417189c7a1f2aaf69b3ab
Behavioral task
behavioral1
Sample
document-1551246108.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-1551246108.xls
Resource
win10v20201028
Malware Config
Extracted
http://pxiw28jgmb02slcqxq.com/mrch.gif
Targets
-
-
Target
document-1551246108.xls
-
Size
85KB
-
MD5
30d36ee1bdbeb86d6366d54f3ce8d822
-
SHA1
c2ed37046cc1b82ef2dfc62bd84275888f127176
-
SHA256
5ffcee9d0fa56bdf17e46baf7663135939809177f8e1b08033cddf30dad3a766
-
SHA512
455fd9266b615e8b31c9d2da07f59d2f5155c5fd531e55912af1cf206f5479811f0dfd468fdbbc87d88d366ea829b77e58265cb6acb835032813576c6944a3c5
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-