General
-
Target
charge.12.20.doc
-
Size
90KB
-
Sample
201210-slt7xdwraa
-
MD5
4757838ce415a0ab23282cb608ef45d5
-
SHA1
fa5ee9b84f35b4dbb8fe426684aedfaaca979134
-
SHA256
40a2ad9eb3f20c7d4378fe86fca0a18f89230aa06d73a99ae2f08a32eccebede
-
SHA512
e867c56a1a12ff67fbcee46d8878f31fc9c3170b3b9efad6118d93c0cb3c5e56201ced7690a204b7e942065c428f079ff8c94e68fb4025daa4d5ab24e4cef61c
Static task
static1
Behavioral task
behavioral1
Sample
charge.12.20.doc
Resource
win7v20201028
Behavioral task
behavioral2
Sample
charge.12.20.doc
Resource
win10v20201028
Malware Config
Targets
-
-
Target
charge.12.20.doc
-
Size
90KB
-
MD5
4757838ce415a0ab23282cb608ef45d5
-
SHA1
fa5ee9b84f35b4dbb8fe426684aedfaaca979134
-
SHA256
40a2ad9eb3f20c7d4378fe86fca0a18f89230aa06d73a99ae2f08a32eccebede
-
SHA512
e867c56a1a12ff67fbcee46d8878f31fc9c3170b3b9efad6118d93c0cb3c5e56201ced7690a204b7e942065c428f079ff8c94e68fb4025daa4d5ab24e4cef61c
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-