General
-
Target
input-12.20.doc
-
Size
90KB
-
Sample
201210-bqf5ks4km2
-
MD5
b62c202699132594e5d95bd22c9f3fb8
-
SHA1
f129c898c8c4b893c8e78bd79fc60b460d292e60
-
SHA256
e27ec64bfb5e248f294855366e6cfe5884874a77a9ec5429843c3da37bd0428e
-
SHA512
879eb7b6e73379e73ea72ba3e432c47cf9212c2082605079ebcc143cde2199bccf8f455de7e7decc5c18e4e2262111ead00de717b31e31df322c66d0d634863b
Static task
static1
Behavioral task
behavioral1
Sample
input-12.20.doc
Resource
win7v20201028
Malware Config
Targets
-
-
Target
input-12.20.doc
-
Size
90KB
-
MD5
b62c202699132594e5d95bd22c9f3fb8
-
SHA1
f129c898c8c4b893c8e78bd79fc60b460d292e60
-
SHA256
e27ec64bfb5e248f294855366e6cfe5884874a77a9ec5429843c3da37bd0428e
-
SHA512
879eb7b6e73379e73ea72ba3e432c47cf9212c2082605079ebcc143cde2199bccf8f455de7e7decc5c18e4e2262111ead00de717b31e31df322c66d0d634863b
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-