General
-
Target
specifics,12.16.2020.doc
-
Size
92KB
-
Sample
201216-ar3vwqjm9a
-
MD5
ddf0d9e3d86f7542de8f619f00a7725a
-
SHA1
082ba5b236a3b9a0ae5d8d6a070c3e764792e7f2
-
SHA256
7561a0f5134bf3dbaa34d09f2a20dc01057626e74d7df42072bef06d6bd6ee95
-
SHA512
7daf04c544334ba04c7f0e2b6654fee58ecf85cc4dabd42d9237a72d4d0beb833c4d72dfff9cc2f957b8eb6c68d18dcf4b24d919ca11ee88e24224619301c3d7
Static task
static1
Malware Config
Targets
-
-
Target
specifics,12.16.2020.doc
-
Size
92KB
-
MD5
ddf0d9e3d86f7542de8f619f00a7725a
-
SHA1
082ba5b236a3b9a0ae5d8d6a070c3e764792e7f2
-
SHA256
7561a0f5134bf3dbaa34d09f2a20dc01057626e74d7df42072bef06d6bd6ee95
-
SHA512
7daf04c544334ba04c7f0e2b6654fee58ecf85cc4dabd42d9237a72d4d0beb833c4d72dfff9cc2f957b8eb6c68d18dcf4b24d919ca11ee88e24224619301c3d7
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-