General
-
Target
direct-12.08.2020.doc
-
Size
111KB
-
Sample
201208-ts3bqmj1gj
-
MD5
046593bb9cc87ad15cf59af9c1993f55
-
SHA1
cfbd3b7b82c3ebe22506b2f1375aacf134676c53
-
SHA256
6bdadb3e04b16759d56dd630002422a9d6da85beb1909feee5a99d14d5bbfb2a
-
SHA512
cc6a7adb13f62630f4a7198b4c81a4563962c01dd8e54b68dd8fc61df22d55c32047b74d9ed8fcfeadccacfc02f88d56732ab1e23167ceb1f529a0e691028b1a
Static task
static1
Malware Config
Targets
-
-
Target
direct-12.08.2020.doc
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Deletes itself
-
Loads dropped DLL
-