General
-
Target
direct-12.20.doc
-
Size
74KB
-
Sample
201207-v48p1nn33j
-
MD5
cee51e0e0e0133822c6111ef1ab6cfbb
-
SHA1
8e6d6ac6416ed49cc20f5e2424dee11222e23994
-
SHA256
2dd512c4f4c8940207a3eadaf64ae639c0f295239a629466bb1f2d45253a8a93
-
SHA512
3372d4482ed06f0a617c24eb7978e27195ee40320e1d3fdb9e89dcabe0d8bd95d936d806a61c73e63d512c6e29b34af0283cdad5aeaaa179eafa4b1f371742b6
Static task
static1
Behavioral task
behavioral1
Sample
direct-12.20.doc
Resource
win7v20201028
Malware Config
Targets
-
-
Target
direct-12.20.doc
-
Size
74KB
-
MD5
cee51e0e0e0133822c6111ef1ab6cfbb
-
SHA1
8e6d6ac6416ed49cc20f5e2424dee11222e23994
-
SHA256
2dd512c4f4c8940207a3eadaf64ae639c0f295239a629466bb1f2d45253a8a93
-
SHA512
3372d4482ed06f0a617c24eb7978e27195ee40320e1d3fdb9e89dcabe0d8bd95d936d806a61c73e63d512c6e29b34af0283cdad5aeaaa179eafa4b1f371742b6
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-