General
-
Target
tell.11.30.2020.doc
-
Size
108KB
-
Sample
201130-bq6v8ka1ma
-
MD5
bb5fb9950b21297472847d5437b4d2ef
-
SHA1
fde8280ef7ecd2d28401161630cddfd894fef98c
-
SHA256
05b8d446a09ad61a5f1f360a93279bb5f2600628320fd82f98c9b57fe5e892db
-
SHA512
f7fa1217859822921e332e2116a5490d6c2fe7565332e32bfa1f0fa0ac5d9e5612fdf9f125e9de15b72f25198bd2c4993a7373b092aaf51c9af1d31e476ed686
Static task
static1
Behavioral task
behavioral1
Sample
tell.11.30.2020.doc
Resource
win7v20201028
Malware Config
Targets
-
-
Target
tell.11.30.2020.doc
-
Size
108KB
-
MD5
bb5fb9950b21297472847d5437b4d2ef
-
SHA1
fde8280ef7ecd2d28401161630cddfd894fef98c
-
SHA256
05b8d446a09ad61a5f1f360a93279bb5f2600628320fd82f98c9b57fe5e892db
-
SHA512
f7fa1217859822921e332e2116a5490d6c2fe7565332e32bfa1f0fa0ac5d9e5612fdf9f125e9de15b72f25198bd2c4993a7373b092aaf51c9af1d31e476ed686
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-