Overview

overview

10

Static

static

question.07.20.doc

windows7_x64

10

question.07.20.doc

windows10_x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    question.07.20.doc

  • Size

    113KB

  • Sample

    200708-qhkfvcfaw6

  • MD5

    6f768e41513d55db49d7453b5ffa836d

  • SHA1

    6b585309500cf3ba34d8fbe17238faafebc064f6

  • SHA256

    f16432e6a2680259bc0abf8ea9e6da37b7d887659967b19fa4126c4e8e16635a

  • SHA512

    47bcd56ffd836658ee7fb01c41f765fa7ea3c718255cfdb220e825f3a55802b6e25fc9a825f02ee3a85ff8a2a517fce7ce57a73a0ba09d56f53b8404061242a8

Score
10/10

Malware Config

Targets

    • Target

      question.07.20.doc

    • Size

      113KB

    • MD5

      6f768e41513d55db49d7453b5ffa836d

    • SHA1

      6b585309500cf3ba34d8fbe17238faafebc064f6

    • SHA256

      f16432e6a2680259bc0abf8ea9e6da37b7d887659967b19fa4126c4e8e16635a

    • SHA512

      47bcd56ffd836658ee7fb01c41f765fa7ea3c718255cfdb220e825f3a55802b6e25fc9a825f02ee3a85ff8a2a517fce7ce57a73a0ba09d56f53b8404061242a8

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks