General
Target: Quotation.doc.scr
Size: 560KB
Sample: 201109-qpz4fjct2n
MD5: 8d09d7e0a4fe465fcc5d52594fc007f9
SHA1: d1d99b13dadcb5212b70f5ebef876a22528bbe29
SHA256: 29ee428b001089c4cb3447b6aeb0534d1fe595ce9246f5c0b52da0996f55b77e
SHA512: c5bfbd0d1329a12de1213e7e089fbd2d406cdfeeb376a2fbf55715623acdc436a6e78059d1c973f530e7506282c328371eee9bba19890a11c935b8d9be66c7f1
Static task: static1
Behavioral task: behavioral1
Sample: Quotation.doc.scr
Resource: win7v20201028
Behavioral task: behavioral2
Sample: Quotation.doc.scr
Resource: win10v20201028
Malware Config
Targets
Target: Quotation.doc.scr
Score: 9/10

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext