General

  • Target

    certificato-07.08.20.doc

  • Size

    134KB

  • Sample

    200711-g1z9ng29bj

  • MD5

    0a1f37db056ff83c5161a2604fc0f978

  • SHA1

    9ff7afd9002eafe4c409dfaadde932fb5400666f

  • SHA256

    340997943546e3a333e84ca3764f721b48218557389534beebe4a2ab13b968d4

  • SHA512

    a0c2d9aeb70660964d0bf8c01a25cf3f5c4d1012270663403ad54029b064000b5afdb989f2f3be2f00673f5384fcadd31716dc405dd7f3295523576ce0563217

Score
10/10

Malware Config

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Tasks