Overview

overview

10

Static

static

material.11.20.doc

windows7_x64

10

material.11.20.doc

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    material.11.20.doc

  • Size

    142KB

  • Sample

    201124-88zt947xtx

  • MD5

    96d1a0a87b63e08f2b2299841cd0bf52

  • SHA1

    f89fd556d4bdfd8052e2a5c29164823ab79a6923

  • SHA256

    4de0cdd480990aad05acf6c178e4711cd05bf0bc83b4c65fe0e0c0003832f5d6

  • SHA512

    c2ee88dcaceee3fb638a357e2a4f5a7fcd0a73cf2cda370e924ac4b9581a819435250a5598eccb1c338467b815d9a9037f33a0e0891e3595b4a0620f1085a683

Score
10/10

Malware Config

Targets

    • Target

      material.11.20.doc

    • Size

      142KB

    • MD5

      96d1a0a87b63e08f2b2299841cd0bf52

    • SHA1

      f89fd556d4bdfd8052e2a5c29164823ab79a6923

    • SHA256

      4de0cdd480990aad05acf6c178e4711cd05bf0bc83b4c65fe0e0c0003832f5d6

    • SHA512

      c2ee88dcaceee3fb638a357e2a4f5a7fcd0a73cf2cda370e924ac4b9581a819435250a5598eccb1c338467b815d9a9037f33a0e0891e3595b4a0620f1085a683

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blacklisted process makes network request

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks