General
-
Target
intelligence 12.15.20.doc
-
Size
94KB
-
Sample
201215-med2g99nhj
-
MD5
cae7a9d8c05bb9e0f6210680d01ace3b
-
SHA1
89bf3e579265b7b743f123b51f0995d482ad7587
-
SHA256
a693c322ccdfcae8ca552dcb1179e483b72719c1f3586acb8c09949c1b71c0df
-
SHA512
f2072b4c22894f83266f0854941cc9d5af2f3f92f8ef003bc49316567ebbe6dbb2052e95cb5367694faffdf0eac9a337e0214ef1b0e3483f63cd72e3c67787b3
Static task
static1
Behavioral task
behavioral1
Sample
intelligence 12.15.20.doc
Resource
win7v20201028
Malware Config
Targets
-
-
Target
intelligence 12.15.20.doc
-
Size
94KB
-
MD5
cae7a9d8c05bb9e0f6210680d01ace3b
-
SHA1
89bf3e579265b7b743f123b51f0995d482ad7587
-
SHA256
a693c322ccdfcae8ca552dcb1179e483b72719c1f3586acb8c09949c1b71c0df
-
SHA512
f2072b4c22894f83266f0854941cc9d5af2f3f92f8ef003bc49316567ebbe6dbb2052e95cb5367694faffdf0eac9a337e0214ef1b0e3483f63cd72e3c67787b3
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-