General
-
Target
legal paper 12.20.doc
-
Size
91KB
-
Sample
201213-ex7hr6z24s
-
MD5
af4aae598fca3fb06d8fc8a71e52b949
-
SHA1
984376a9eda44cdd26014e69870aef6c3d54606f
-
SHA256
22ade5dbd3fb6a4d10a8b2f177e85d86672dbd3c8c2863815d8f774388750362
-
SHA512
4332368ff6c49ea1dacc278f5d933c8b51b8f75719649631db3f3713bf2513a35638d3bd5ac78b8be9badd8b12628749689f05d7e1a6fdd9685b54cf6d198149
Static task
static1
Behavioral task
behavioral1
Sample
legal paper 12.20.doc
Resource
win7v20201028
Malware Config
Targets
-
-
Target
legal paper 12.20.doc
-
Size
91KB
-
MD5
af4aae598fca3fb06d8fc8a71e52b949
-
SHA1
984376a9eda44cdd26014e69870aef6c3d54606f
-
SHA256
22ade5dbd3fb6a4d10a8b2f177e85d86672dbd3c8c2863815d8f774388750362
-
SHA512
4332368ff6c49ea1dacc278f5d933c8b51b8f75719649631db3f3713bf2513a35638d3bd5ac78b8be9badd8b12628749689f05d7e1a6fdd9685b54cf6d198149
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-