General
-
Target
4559668350058496.zip
-
Size
14KB
-
Sample
210304-s4sdqarbd6
-
MD5
a39efb5d3853fc0562c400ae483b684b
-
SHA1
353268777b72984a790e66459ab3c9f148d8a7f0
-
SHA256
946ad3770efb2a04671f1b6af1828cf197dc3a5430e74679265c8903634f4fb2
-
SHA512
1a9a67e0f3bbf278beea64b2344949f9d43cb4b28d81a8b1e8bf7efebf0e96e64a1227ccbe6cd58e7906c16b231257f7ec48ea2454bed797e71acd50086a8abe
Behavioral task
behavioral1
Sample
16a0c2f741a14c423b7abe293e26f711fdb984fc52064982d874bf310c520b12.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
16a0c2f741a14c423b7abe293e26f711fdb984fc52064982d874bf310c520b12.xls
Resource
win10v20201028
Malware Config
Extracted
http://kfzhm28pwzrlk02bmjy.com/mrch.gif
Targets
-
-
Target
16a0c2f741a14c423b7abe293e26f711fdb984fc52064982d874bf310c520b12
-
Size
85KB
-
MD5
66e5e724f99a77455e36bca858366e5b
-
SHA1
aad43897bccde3be594cf89863341050b6eed55a
-
SHA256
16a0c2f741a14c423b7abe293e26f711fdb984fc52064982d874bf310c520b12
-
SHA512
e96dd67971cd9e55d37278e65f59060a1f708dc2d841d6aae02bc5440a3c99dc5fcfbebc98b68fea928b4df52ca59679d03af1dca06c553a2fe68a884b056571
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-