General
-
Target
SecuriteInfo.com.DOC.Kryptik.Q.17206
-
Size
297KB
-
Sample
200713-pbxzl4zaqn
-
MD5
62e26facf7fccf4cd98fb2d8064bbda4
-
SHA1
6ca90193994b32e20f014b773e984be29cdb415f
-
SHA256
027e355c782feb5a0feec8d6fe004073e0d2f7d0d146fb81c3439f81e09d5aed
-
SHA512
aa7f178103bec3e3e2b8091e5a35fc00d68eb5809460fd7a785a1bddf0289d23ed603d82487e543df4a0e1435348f497f537e069574416f87b0416e5c208b4f6
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.DOC.Kryptik.Q.17206.xls
Resource
win7v200430
Behavioral task
behavioral2
Sample
SecuriteInfo.com.DOC.Kryptik.Q.17206.xls
Resource
win10
Malware Config
Targets
-
-
Target
SecuriteInfo.com.DOC.Kryptik.Q.17206
-
Size
297KB
-
MD5
62e26facf7fccf4cd98fb2d8064bbda4
-
SHA1
6ca90193994b32e20f014b773e984be29cdb415f
-
SHA256
027e355c782feb5a0feec8d6fe004073e0d2f7d0d146fb81c3439f81e09d5aed
-
SHA512
aa7f178103bec3e3e2b8091e5a35fc00d68eb5809460fd7a785a1bddf0289d23ed603d82487e543df4a0e1435348f497f537e069574416f87b0416e5c208b4f6
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Enumerates connected drives
-
Process spawned suspicious child process
This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
-