General
-
Target
intelligence.12.20.doc
-
Size
93KB
-
Sample
201211-vf4agsg81e
-
MD5
65ec18ca70efc83cdbfc3c13787b87ac
-
SHA1
6fa3ca64a8f9584b45311d0027ec87ec54345fa8
-
SHA256
97562356bf8fb0036c0a85a51f66015565018a9d2f810d4e0b7426dade78d929
-
SHA512
7baa49f87297f57b0956244436255b2759b0254205ef95bfdb94a6fc49d43b3af813e914beba37eed35d0e83a2758170f70bdde71397da5db9d824e834f2f52f
Static task
static1
Behavioral task
behavioral1
Sample
intelligence.12.20.doc
Resource
win7v20201028
Malware Config
Targets
-
-
Target
intelligence.12.20.doc
-
Size
93KB
-
MD5
65ec18ca70efc83cdbfc3c13787b87ac
-
SHA1
6fa3ca64a8f9584b45311d0027ec87ec54345fa8
-
SHA256
97562356bf8fb0036c0a85a51f66015565018a9d2f810d4e0b7426dade78d929
-
SHA512
7baa49f87297f57b0956244436255b2759b0254205ef95bfdb94a6fc49d43b3af813e914beba37eed35d0e83a2758170f70bdde71397da5db9d824e834f2f52f
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-