General
-
Target
input-12.20.doc
-
Size
75KB
-
Sample
201207-cszn89s3ys
-
MD5
4af52a67786d2366a17209b0581fdc45
-
SHA1
46f29ea2973ee1e1991424696121736e8af505eb
-
SHA256
aea06bc980d083aa2e2ae3ab821352033e663dc21739db859a274cf0556941f3
-
SHA512
0e4ace559cfd3c6a5d7cc8fa0255496eb7b50000b3f4c3fa778d36fa80d78259b777abeba1ee6be93f064aad24500fcddde3c8902624611efedd2b3a3d4bdb2e
Static task
static1
Behavioral task
behavioral1
Sample
input-12.20.doc
Resource
win7v20201028
Behavioral task
behavioral2
Sample
input-12.20.doc
Resource
win10v20201028
Malware Config
Targets
-
-
Target
input-12.20.doc
-
Size
75KB
-
MD5
4af52a67786d2366a17209b0581fdc45
-
SHA1
46f29ea2973ee1e1991424696121736e8af505eb
-
SHA256
aea06bc980d083aa2e2ae3ab821352033e663dc21739db859a274cf0556941f3
-
SHA512
0e4ace559cfd3c6a5d7cc8fa0255496eb7b50000b3f4c3fa778d36fa80d78259b777abeba1ee6be93f064aad24500fcddde3c8902624611efedd2b3a3d4bdb2e
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-