General
-
Target
attached (22).zip
-
Size
14KB
-
Sample
210303-cyf6s3tscs
-
MD5
a594eb7f6b91ad21ab8f4844cca99bcf
-
SHA1
41e47d27a90f6bf3c9cc795f049d1a5286fff079
-
SHA256
846922f5633e8f805c5365d9dfde58b973adef1c22fe5ce33b03bd90e9326b76
-
SHA512
2d3f64c8eec20aff578356c2c4f643ed9b3f896ffc025d5c102a6da68a504320d1a8cd145d5844eda0f7fec67ae94a82b06223ae47ed01960418f38ed4603c0d
Behavioral task
behavioral1
Sample
document-1541761416.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-1541761416.xls
Resource
win10v20201028
Malware Config
Extracted
http://wlog28dzzmi02spfin.com/mrch.gif
Targets
-
-
Target
document-1541761416.xls
-
Size
86KB
-
MD5
36940b6627143038880da0a81dc9f7df
-
SHA1
d4c2f6b0e04c5678cadb31d26286aca58c5baab8
-
SHA256
effa3b97b8d62971388819456ada7a792b772b05d7d02d3c4f97bfa1a6056c00
-
SHA512
c27a75ea1289af591cc6296435b6a05b8f5ed4f2c144ed4f578d0c6e5306e7e8a8e374473c3b40c761f56e5b8637c83fa72381aa5f38147bb624116382501587
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-