General
-
Target
question 12.20.doc
-
Size
92KB
-
Sample
201211-b87dexehm2
-
MD5
5de2884bc432d24412d912a7b15e6716
-
SHA1
b72c0f8fa24ecd39e04a76a2217df45387129fa1
-
SHA256
d5a0663b7eb637755655fc8fd3890979919463465ed0fa441661db95bf0d3a33
-
SHA512
9232b4834dfdec55eddaffcdf749e109ceaefa32fecc807e83c8048d011df9473a086e01d6b409726523dde23d0d3ea3cba251d29cdc269203e46b9f9cdd1374
Static task
static1
Behavioral task
behavioral1
Sample
question 12.20.doc
Resource
win7v20201028
Behavioral task
behavioral2
Sample
question 12.20.doc
Resource
win10v20201028
Malware Config
Targets
-
-
Target
question 12.20.doc
-
Size
92KB
-
MD5
5de2884bc432d24412d912a7b15e6716
-
SHA1
b72c0f8fa24ecd39e04a76a2217df45387129fa1
-
SHA256
d5a0663b7eb637755655fc8fd3890979919463465ed0fa441661db95bf0d3a33
-
SHA512
9232b4834dfdec55eddaffcdf749e109ceaefa32fecc807e83c8048d011df9473a086e01d6b409726523dde23d0d3ea3cba251d29cdc269203e46b9f9cdd1374
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-