f68bb42ce6d65902275468d5589521805e76a06b724824eb72c6bc1754359d9e | Triage

Submit
Reports

Overview

overview

Static

static

commerce _07.20.doc

windows7_x64

commerce _07.20.doc

windows10_x64

Sharing

General

Target

commerce _07.20.doc
Size

114KB
Sample

200715-je1hfhjhms
MD5

a4cdab76891c04a803cfdf14c1078d8d
SHA1

687b0c5157d3da0ed471557cd387abd1a80d3124
SHA256

f68bb42ce6d65902275468d5589521805e76a06b724824eb72c6bc1754359d9e
SHA512

1d660a4aa4e97b5998378a680ebcd382f44671d75986e781ab74e999030f7412184501c8cb40b56d76e0d945f81b118c67d1a0662d56bbb84cf75975c1b9d28c

Score

10^/10

discovery

Static task

static1

Behavioral task

behavioral1

Sample

commerce _07.20.doc

Resource

win7v200430

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

commerce _07.20.doc

Resource

win10

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  commerce _07.20.doc
- Size
  
  114KB
- MD5
  
  a4cdab76891c04a803cfdf14c1078d8d
- SHA1
  
  687b0c5157d3da0ed471557cd387abd1a80d3124
- SHA256
  
  f68bb42ce6d65902275468d5589521805e76a06b724824eb72c6bc1754359d9e
- SHA512
  
  1d660a4aa4e97b5998378a680ebcd382f44671d75986e781ab74e999030f7412184501c8cb40b56d76e0d945f81b118c67d1a0662d56bbb84cf75975c1b9d28c
Score

10^/10

discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy