92d13a074ef3797fcc4ee17d0b4b94a5f57e9a9aceb094b50d12c235a2dd30b6 | Triage

Submit
Reports

Overview

overview

Static

static

0004313322.doc

windows7_x64

4

0004313322.doc

windows10_x64

Resubmissions

17-02-2020 16:51

200217-zkd4kcxg8s 4

17-02-2020 16:47

200217-gq99hkjlqx 10

Sharing

General

Target

0004313322.doc
Size

672KB
Sample

200217-gq99hkjlqx
MD5

091dfc608a72cd5d797bfab7134cbd9e
SHA1

5d86427ce56ab8fc9022651f26afcb9246bc16a1
SHA256

92d13a074ef3797fcc4ee17d0b4b94a5f57e9a9aceb094b50d12c235a2dd30b6
SHA512

14d305d542e90ee40ebdcd1e8e0054ec7611325945c1515b2f9f9bfb1af3bc854ec690bfd465f22d7253db3a737a71298a3930a9e50df8856d56c552b3849509

Score

10^/10

Static task

static1

Behavioral task

behavioral1

Sample

0004313322.doc

Resource

win7v200213

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0004313322.doc

Resource

win10v191014

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  0004313322.doc
- Size
  
  672KB
- MD5
  
  091dfc608a72cd5d797bfab7134cbd9e
- SHA1
  
  5d86427ce56ab8fc9022651f26afcb9246bc16a1
- SHA256
  
  92d13a074ef3797fcc4ee17d0b4b94a5f57e9a9aceb094b50d12c235a2dd30b6
- SHA512
  
  14d305d542e90ee40ebdcd1e8e0054ec7611325945c1515b2f9f9bfb1af3bc854ec690bfd465f22d7253db3a737a71298a3930a9e50df8856d56c552b3849509
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy