General
-
Target
command,12.20.doc
-
Size
74KB
-
Sample
201207-ggp66n8c7x
-
MD5
b7bb7e2d57a3822c20a002b5c983091a
-
SHA1
210f27e3310a98418d95e7e9b307dfd8cde6ef4e
-
SHA256
55f3a89d2ca7bce56709fa843c39e0556c3960680ff9e66b7c3c897734828824
-
SHA512
12e84209dd146c3f3ac3da7f54371d1074b19f4c6449d44ac95c3614c10a8c3f19fa6564e42e894e370944e724795342d583689607990df1808ee5d34e91e771
Static task
static1
Behavioral task
behavioral1
Sample
command,12.20.doc
Resource
win7v20201028
Malware Config
Targets
-
-
Target
command,12.20.doc
-
Size
74KB
-
MD5
b7bb7e2d57a3822c20a002b5c983091a
-
SHA1
210f27e3310a98418d95e7e9b307dfd8cde6ef4e
-
SHA256
55f3a89d2ca7bce56709fa843c39e0556c3960680ff9e66b7c3c897734828824
-
SHA512
12e84209dd146c3f3ac3da7f54371d1074b19f4c6449d44ac95c3614c10a8c3f19fa6564e42e894e370944e724795342d583689607990df1808ee5d34e91e771
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-