General
-
Target
document-1007992934.xls
-
Size
86KB
-
Sample
210305-9grcgyf242
-
MD5
9ce4a2b0b095eb9ce9c90993d72326f5
-
SHA1
0aa41fe52366dfbe8342b679129515903ac95a47
-
SHA256
35f1f38c6673c7f3d9be0d5a2c49a57de857c982d2f68fb17441d7c4cabda2e8
-
SHA512
b4e98ba6586a07e7050604178ca34db6078cdafa4e81310ed4c700e56200baa36d1042ab20a1713e4250a84c11dbf60ae17b299a539fb35737860f7c1da4ca2f
Behavioral task
behavioral1
Sample
document-1007992934.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-1007992934.xls
Resource
win10v20201028
Malware Config
Extracted
http://wlog28dzzmi02spfin.com/mrch.gif
Targets
-
-
Target
document-1007992934.xls
-
Size
86KB
-
MD5
9ce4a2b0b095eb9ce9c90993d72326f5
-
SHA1
0aa41fe52366dfbe8342b679129515903ac95a47
-
SHA256
35f1f38c6673c7f3d9be0d5a2c49a57de857c982d2f68fb17441d7c4cabda2e8
-
SHA512
b4e98ba6586a07e7050604178ca34db6078cdafa4e81310ed4c700e56200baa36d1042ab20a1713e4250a84c11dbf60ae17b299a539fb35737860f7c1da4ca2f
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-