General
-
Target
SecuriteInfo.com.DOC.Kryptik.Q.9507
-
Size
294KB
-
Sample
200713-egaj968lwn
-
MD5
c4d00a8c5a19c0cd416bc3dee1fbad59
-
SHA1
0e0f4007f44fad588a6730c34e2f1489fb4faea0
-
SHA256
a8f983eaa6a03d1837cc9d85c25cb152cd140540755fcd3307a5e50e73df1171
-
SHA512
8d9a8cdae3af0639609e44b0bd82330bb01809ff5425dc3633fdeefa39e92d7bf844b66488b3df6b6a5bc1ae43809d9633793121c64b9b5c05ecae40f35946a1
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.DOC.Kryptik.Q.9507.xls
Resource
win7
Behavioral task
behavioral2
Sample
SecuriteInfo.com.DOC.Kryptik.Q.9507.xls
Resource
win10
Malware Config
Targets
-
-
Target
SecuriteInfo.com.DOC.Kryptik.Q.9507
-
Size
294KB
-
MD5
c4d00a8c5a19c0cd416bc3dee1fbad59
-
SHA1
0e0f4007f44fad588a6730c34e2f1489fb4faea0
-
SHA256
a8f983eaa6a03d1837cc9d85c25cb152cd140540755fcd3307a5e50e73df1171
-
SHA512
8d9a8cdae3af0639609e44b0bd82330bb01809ff5425dc3633fdeefa39e92d7bf844b66488b3df6b6a5bc1ae43809d9633793121c64b9b5c05ecae40f35946a1
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Enumerates connected drives
-
Process spawned suspicious child process
This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
-