General

  • Target

    SecuriteInfo.com.DOC.Kryptik.Q.9507

  • Size

    294KB

  • Sample

    200713-egaj968lwn

  • MD5

    c4d00a8c5a19c0cd416bc3dee1fbad59

  • SHA1

    0e0f4007f44fad588a6730c34e2f1489fb4faea0

  • SHA256

    a8f983eaa6a03d1837cc9d85c25cb152cd140540755fcd3307a5e50e73df1171

  • SHA512

    8d9a8cdae3af0639609e44b0bd82330bb01809ff5425dc3633fdeefa39e92d7bf844b66488b3df6b6a5bc1ae43809d9633793121c64b9b5c05ecae40f35946a1

Score
10/10

Malware Config

Targets

    • Target

      SecuriteInfo.com.DOC.Kryptik.Q.9507

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Enumerates connected drives

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

MITRE ATT&CK Enterprise v6

Tasks