Overview

overview

10

Static

static

Z15L.doc

windows7_x64

10

Z15L.doc

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Z15L.doc

  • Size

    18KB

  • Sample

    200713-lbmhj2emha

  • MD5

    f93b93eb344857843ad3e96c5f50ebab

  • SHA1

    fe06bd6cafa83defed720c2b76679f23b3f68dd5

  • SHA256

    77d445a597d3a66104b78fbffd7f90c9a141f42f9c47c7fbef1e4340f1652122

  • SHA512

    0131653ec51d113b782d06f339d2c342505db759103ed3bcb7198dcc0803d2af2801afcd9d5c1ea33ee2f562936f117ad1a670d2384bb2ffc921a70c3f6d8ecd

Score
10/10

Malware Config

Targets

    • Target

      Z15L.doc

    • Size

      18KB

    • MD5

      f93b93eb344857843ad3e96c5f50ebab

    • SHA1

      fe06bd6cafa83defed720c2b76679f23b3f68dd5

    • SHA256

      77d445a597d3a66104b78fbffd7f90c9a141f42f9c47c7fbef1e4340f1652122

    • SHA512

      0131653ec51d113b782d06f339d2c342505db759103ed3bcb7198dcc0803d2af2801afcd9d5c1ea33ee2f562936f117ad1a670d2384bb2ffc921a70c3f6d8ecd

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blacklisted process makes network request

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks