General
-
Target
material 12.20.doc
-
Size
76KB
-
Sample
201210-mls1lv3t8x
-
MD5
a96af6fea5159248793d711bf1b2d1eb
-
SHA1
851bcae7c7a22f5ac42ca27637053da54006c961
-
SHA256
549cb76628b35238ae936cf8802162b8b6514b633be15fce41c086410f5292fe
-
SHA512
351f045e26ed22a112ef00952957e865390be974579115df75d0a40d83d86934b2dc4459e9f56a0166e1fe3d15156d2655bf481f35dc660fe0742ecc4c2fba0b
Static task
static1
Behavioral task
behavioral1
Sample
material 12.20.doc
Resource
win7v20201028
Malware Config
Targets
-
-
Target
material 12.20.doc
-
Size
76KB
-
MD5
a96af6fea5159248793d711bf1b2d1eb
-
SHA1
851bcae7c7a22f5ac42ca27637053da54006c961
-
SHA256
549cb76628b35238ae936cf8802162b8b6514b633be15fce41c086410f5292fe
-
SHA512
351f045e26ed22a112ef00952957e865390be974579115df75d0a40d83d86934b2dc4459e9f56a0166e1fe3d15156d2655bf481f35dc660fe0742ecc4c2fba0b
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-