Overview

overview

10

Static

static

ordine_07.08.20.doc

windows7_x64

10

ordine_07.08.20.doc

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ordine_07.08.20.doc

  • Size

    147KB

  • Sample

    200711-bjl9mjqv7x

  • MD5

    fe0645535e48000792e5120eec45cf75

  • SHA1

    ec407afabc52b5aa8a223da4b69acf5a26b1ad6a

  • SHA256

    f1721df32789a9e1551010e0fc30caa050366f4c949c1f73fcf317e85e0ecb35

  • SHA512

    78466f1255589cfa53c629365968bf89a925be26f3cbd924266e3fbb2a42d6bb5c601c6cee52d23322980fa621517f4c0e83394ebcf0780f7859d20127716c98

Score
10/10

Malware Config

Targets

    • Target

      ordine_07.08.20.doc

    • Size

      147KB

    • MD5

      fe0645535e48000792e5120eec45cf75

    • SHA1

      ec407afabc52b5aa8a223da4b69acf5a26b1ad6a

    • SHA256

      f1721df32789a9e1551010e0fc30caa050366f4c949c1f73fcf317e85e0ecb35

    • SHA512

      78466f1255589cfa53c629365968bf89a925be26f3cbd924266e3fbb2a42d6bb5c601c6cee52d23322980fa621517f4c0e83394ebcf0780f7859d20127716c98

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks