General
-
Target
certificate_12.20.doc
-
Size
75KB
-
Sample
201207-wh5a7vh2ja
-
MD5
09a3cabe56bddaccf3736c626524a267
-
SHA1
ecd402f6d90ce58878aa67cc889e1a2ffecafe3e
-
SHA256
3e670878dd1bec8ea456d334a47600c9e174a380afd89d86725fa8e81b9bc8f4
-
SHA512
2d651168d56371706ea4709f0f313c9fe262a1f3930fe21e3f40e241113057a623a8839f448fbd358eeb1b446b35ab869d905efb8bef83289236533edae330ed
Static task
static1
Behavioral task
behavioral1
Sample
certificate_12.20.doc
Resource
win7v20201028
Malware Config
Targets
-
-
Target
certificate_12.20.doc
-
Size
75KB
-
MD5
09a3cabe56bddaccf3736c626524a267
-
SHA1
ecd402f6d90ce58878aa67cc889e1a2ffecafe3e
-
SHA256
3e670878dd1bec8ea456d334a47600c9e174a380afd89d86725fa8e81b9bc8f4
-
SHA512
2d651168d56371706ea4709f0f313c9fe262a1f3930fe21e3f40e241113057a623a8839f448fbd358eeb1b446b35ab869d905efb8bef83289236533edae330ed
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-