Overview

overview

10

Static

static

documento ...20.doc

windows7_x64

10

documento ...20.doc

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    documento legale_07.20.doc

  • Size

    147KB

  • Sample

    200711-bpvhs7vt8n

  • MD5

    2f90002a2bd51ba8e16bae0e8afa0624

  • SHA1

    aac91441b513c3801a87a3953d9c6afdb80d81b0

  • SHA256

    03f9be4517e46e9a1a9f7cd4dd6dac324aa4f6dd23c3b88545879b2aee47ac1c

  • SHA512

    040b2ccb36bc54bf973bccea98e7a96d0d5e5efb97c5be48cadafa5e6406365d350c9826f294454e46865252efe532f3b3bd02a90b9d878cfef2d1d19aa3dcd4

Score
10/10

Malware Config

Targets

    • Target

      documento legale_07.20.doc

    • Size

      147KB

    • MD5

      2f90002a2bd51ba8e16bae0e8afa0624

    • SHA1

      aac91441b513c3801a87a3953d9c6afdb80d81b0

    • SHA256

      03f9be4517e46e9a1a9f7cd4dd6dac324aa4f6dd23c3b88545879b2aee47ac1c

    • SHA512

      040b2ccb36bc54bf973bccea98e7a96d0d5e5efb97c5be48cadafa5e6406365d350c9826f294454e46865252efe532f3b3bd02a90b9d878cfef2d1d19aa3dcd4

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks