General
-
Target
official paper.12.20.doc
-
Size
77KB
-
Sample
201210-zbrqv4svsa
-
MD5
1b1b78aed0518d2608786b0c0a5af9ef
-
SHA1
472a23c627100d627c8f98bde78a5bd28bcb2545
-
SHA256
34ff76103583c35bebe706f721e1e692a7c34b226eb32fa96de9dcd4c8db7ddc
-
SHA512
17b041223b618ba08f4f504bd43bff2bc4c6044eea86f5c17c5c1448e643ccccd56e2da8780ea91b21205dcd22aa4749a31216676b6943cf6903c3cb4dec4002
Static task
static1
Behavioral task
behavioral1
Sample
official paper.12.20.doc
Resource
win7v20201028
Malware Config
Targets
-
-
Target
official paper.12.20.doc
-
Size
77KB
-
MD5
1b1b78aed0518d2608786b0c0a5af9ef
-
SHA1
472a23c627100d627c8f98bde78a5bd28bcb2545
-
SHA256
34ff76103583c35bebe706f721e1e692a7c34b226eb32fa96de9dcd4c8db7ddc
-
SHA512
17b041223b618ba08f4f504bd43bff2bc4c6044eea86f5c17c5c1448e643ccccd56e2da8780ea91b21205dcd22aa4749a31216676b6943cf6903c3cb4dec4002
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-