bb9b7bf7e2fdefe4fcb05e44f267239955d6c75db7ebf1d6b9926b8e4b1f3330 | Triage

Submit
Reports

Overview

overview

Static

static

intelligen...20.doc

windows7_x64

intelligen...20.doc

windows10_x64

Sharing

General

Target

intelligence.07.20.doc
Size

114KB
Sample

200715-slx1g9kgsa
MD5

31d82f84272d8dfd22f57694faa2cb0b
SHA1

73c7451375e7014bcd5f239412a7030428c39f26
SHA256

bb9b7bf7e2fdefe4fcb05e44f267239955d6c75db7ebf1d6b9926b8e4b1f3330
SHA512

fbd0e09176957868de9a4814ff47c3eb50aa27830c9ca63f08fd7693f946c2387020fbea6acb2b4057712d632162ec27f100c4adbdfbcb8e53ab83a749b4a97e

Score

10^/10

discovery

Static task

static1

Behavioral task

behavioral1

Sample

intelligence.07.20.doc

Resource

win7

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

intelligence.07.20.doc

Resource

win10v200430

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  intelligence.07.20.doc
- Size
  
  114KB
- MD5
  
  31d82f84272d8dfd22f57694faa2cb0b
- SHA1
  
  73c7451375e7014bcd5f239412a7030428c39f26
- SHA256
  
  bb9b7bf7e2fdefe4fcb05e44f267239955d6c75db7ebf1d6b9926b8e4b1f3330
- SHA512
  
  fbd0e09176957868de9a4814ff47c3eb50aa27830c9ca63f08fd7693f946c2387020fbea6acb2b4057712d632162ec27f100c4adbdfbcb8e53ab83a749b4a97e
Score

10^/10

discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy