General
-
Target
SecuriteInfo.com.DOC.Kryptik.Q.893
-
Size
294KB
-
Sample
200713-49swbe81yj
-
MD5
8b6d08aa84e0a4f523a804afc89a8212
-
SHA1
c7f07421aa70e66b4bdb5350ba4c3529a00c4d7d
-
SHA256
61e798e2539635b290c475b23bbe4940d10e514645f08bbccbe1442345ebe39a
-
SHA512
23b4c196217e9b0923b9860aca873b2ea61d9405c1d911b100c7b58460eeae8799745832a2b84404a25b59506fd7ade21489fe544c2db1a9ea85683f91343060
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.DOC.Kryptik.Q.893.xls
Resource
win7
Behavioral task
behavioral2
Sample
SecuriteInfo.com.DOC.Kryptik.Q.893.xls
Resource
win10
Malware Config
Targets
-
-
Target
SecuriteInfo.com.DOC.Kryptik.Q.893
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Enumerates connected drives
-