General
-
Target
Parcel.doc
-
Size
153KB
-
Sample
200707-f9bdv54sjj
-
MD5
fa02ac2e4a3f00acdaa60c359afcfdd9
-
SHA1
f2917cf0b679650c3a679381f4d34bd1e12674c0
-
SHA256
798868c3e5106b388a0ff01e3f5894fe6d5abfa0789d9efae9b3fe0d0d0db7e6
-
SHA512
81f9ec1e2b59189e2e6a3fdfbd8b7e33dec15ff4d41ae57884efde51af247fbf53065d0275a8bbe19e235893d905a52de3ba1a310756b54052ca6567a157178d
Static task
static1
Behavioral task
behavioral1
Sample
Parcel.doc
Resource
win7
Behavioral task
behavioral2
Sample
Parcel.doc
Resource
win10v200430
Malware Config
Extracted
http://tattooartcreations.com/wp-includes/js/tinymce/themes/inlite/crypt_da11.dll
Targets
Target
Parcel.doc
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blacklisted process makes network request
-