General
Target: bid,11.20.doc
Size: 142KB
Sample: 201130-el4fzfra72
MD5: 3c69f4f6aae381f9b04822b6d674abff
SHA1: 4e4eac6af37de861d8ebe7693a2b3f4a177702fe
SHA256: 02f916508e994d17de70335b46e547af0bf809405a80a4ea732e5fc7153cfcb6
SHA512: 39bbbab80dbb650591a505146bf3d303706bc4caf47b13aeddde531f09faee342ba997eb4c5e2607918cb106f996d0e703c57724e98cd7039ae8d7132bba1f10
Static task: static1
Behavioral task: behavioral1
Sample: bid,11.20.doc
Resource: win7v20201028
Malware Config
Targets
Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Downloads MZ/PE file
Loads dropped DLL