General
-
Target
material.11.20.doc
-
Size
142KB
-
Sample
201124-88zt947xtx
-
MD5
96d1a0a87b63e08f2b2299841cd0bf52
-
SHA1
f89fd556d4bdfd8052e2a5c29164823ab79a6923
-
SHA256
4de0cdd480990aad05acf6c178e4711cd05bf0bc83b4c65fe0e0c0003832f5d6
-
SHA512
c2ee88dcaceee3fb638a357e2a4f5a7fcd0a73cf2cda370e924ac4b9581a819435250a5598eccb1c338467b815d9a9037f33a0e0891e3595b4a0620f1085a683
Score
10/10
Malware Config
Targets
-
-
Target
material.11.20.doc
-
Size
142KB
-
MD5
96d1a0a87b63e08f2b2299841cd0bf52
-
SHA1
f89fd556d4bdfd8052e2a5c29164823ab79a6923
-
SHA256
4de0cdd480990aad05acf6c178e4711cd05bf0bc83b4c65fe0e0c0003832f5d6
-
SHA512
c2ee88dcaceee3fb638a357e2a4f5a7fcd0a73cf2cda370e924ac4b9581a819435250a5598eccb1c338467b815d9a9037f33a0e0891e3595b4a0620f1085a683
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blacklisted process makes network request
-
Loads dropped DLL
-