General
-
Target
_attached_file (13).zip
-
Size
14KB
-
Sample
210303-scpw7eqfxn
-
MD5
0e9b4cace36c1c913fdadce131a14779
-
SHA1
41b6247f84f4f532113f419bb665cf516e9bf093
-
SHA256
824db21a3b048aaaeab592ecc51f3bd4aee3e41eee6ac0bdf8410f4c9abf301c
-
SHA512
0c041fdd27edf857d073465556414d65c119d7f64e7eba0d30561d38ed23d6a40636188fd365e51ccb6ce169f2b63d6c74f29a378473130d7af30efde6100604
Behavioral task
behavioral1
Sample
document-643821377.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-643821377.xls
Resource
win10v20201028
Malware Config
Extracted
http://wlog28dzzmi02spfin.com/mrch.gif
Targets
-
-
Target
document-643821377.xls
-
Size
86KB
-
MD5
df2f323872cf673b798c2beb50cff749
-
SHA1
6e33161f05442dff3828296db4faf29a591bec31
-
SHA256
65626629c457fea7557edbde595a9682dbfaba9d0e829fed859040ce68f915cc
-
SHA512
476f77ce4808be79b955b38fbfe8babd3ba0bdd4936877e734c93b71afcd25f687fd3b4becd6df422bbc327f00b3f973b95e871014971305e8544017d7fd99f0
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-