General
Target: command.11.30.2020.doc
Size: 142KB
Sample: 201130-txjyy8dzbn
MD5: 019d3ecf74e5e66bc246f70c69bfa2d0
SHA1: ee7e8ff6e1905eea0a9a35e881978bbf55fbb03f
SHA256: 427b1af5ab5a8ecf6d182ea7c1bcf696700ea31358b88ca374fa82b4d0dc619d
SHA512: 37a3c711ea942e9f600b96af67abd1b0eb24331c8cdbec14055bd2aec9845e209dc4bff3325211df88f25615f0d7ab5601ed5f70b7323717bed28a5af5a2d03b
Static task: static1
Behavioral task: behavioral1
Sample: command.11.30.2020.doc
Resource: win7v20201028
Behavioral task: behavioral2
Sample: command.11.30.2020.doc
Resource: win10v20201028
Malware Config
Targets
Target: command.11.30.2020.doc
- Process spawned unexpected child process: This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Downloads MZ/PE file
- Loads dropped DLL