General
Target: commerce ,12.20.doc
Size: 73KB
Sample: 201207-fvk1ql7t16
MD5: ff964fd38ca1b1c28d543574f2fbbf74
SHA1: 4eff0c20e4740e3e4eb53c5489d01a079c1ef3ee
SHA256: 0cc40f89721a9d22358c612aa94164b3ce259da696798c2d6fde6ad7c82d396e
SHA512: 23a034d28dcd837d61253cdd79c0d62c91923f03831d330e2a2cc92305e29d571b10ecd8086885b4b478044386847d92f71ce536996980675fca7f0ba5051ea2
Static task: static1
Behavioral task: behavioral1
Sample: commerce ,12.20.doc
Resource: win7v20201028
Malware Config
Targets
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Downloads MZ/PE file
- Loads dropped DLL