Overview

overview

10

Static

static

d2b3bff49d...6f.doc

windows7_x64

10

d2b3bff49d...6f.doc

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d2b3bff49d5381ae41e4903277538591b7ce9df1e932d3069a32f4a78ac0816f

  • Size

    132KB

  • Sample

    200709-e3glfxzhn6

  • MD5

    30b85636bb4e9be61434d701cc1c4809

  • SHA1

    e647332abb5d9e2c3ae077937cfe07a7b7f86b9a

  • SHA256

    d2b3bff49d5381ae41e4903277538591b7ce9df1e932d3069a32f4a78ac0816f

  • SHA512

    d4cbaa19ab96fda11924d5880fc08bea21aefe60d72bb1e10fa9398c6b51d28a2203d5c2e636e6b07f4742609b01afccf77c5a732b4090e04eba6ccd3892bae1

Score
10/10

Malware Config

Targets

    • Target

      d2b3bff49d5381ae41e4903277538591b7ce9df1e932d3069a32f4a78ac0816f

    • Size

      132KB

    • MD5

      30b85636bb4e9be61434d701cc1c4809

    • SHA1

      e647332abb5d9e2c3ae077937cfe07a7b7f86b9a

    • SHA256

      d2b3bff49d5381ae41e4903277538591b7ce9df1e932d3069a32f4a78ac0816f

    • SHA512

      d4cbaa19ab96fda11924d5880fc08bea21aefe60d72bb1e10fa9398c6b51d28a2203d5c2e636e6b07f4742609b01afccf77c5a732b4090e04eba6ccd3892bae1

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks