General
-
Target
official paper 12.20.doc
-
Size
59KB
-
Sample
201217-lnbg757twx
-
MD5
3f800c4e7499313d94e7b5b340e74bde
-
SHA1
531904218d798930796fb6019811be5a1765fd11
-
SHA256
bc33970f8fd9d889e5e9139a27eb1b7e896d303b2486b4f8a81b22db03c7aad3
-
SHA512
5c91ae537fd5a135773a0b41e942f06a1f2eaf43c089ab1c2679133bfc64969c9efb29f892acc24d2366501184d7ca29664f0a8c0772eaca82f7b22bc92dc888
Static task
static1
Behavioral task
behavioral1
Sample
official paper 12.20.doc
Resource
win7v20201028
Behavioral task
behavioral2
Sample
official paper 12.20.doc
Resource
win10v20201028
Malware Config
Targets
-
-
Target
official paper 12.20.doc
-
Size
59KB
-
MD5
3f800c4e7499313d94e7b5b340e74bde
-
SHA1
531904218d798930796fb6019811be5a1765fd11
-
SHA256
bc33970f8fd9d889e5e9139a27eb1b7e896d303b2486b4f8a81b22db03c7aad3
-
SHA512
5c91ae537fd5a135773a0b41e942f06a1f2eaf43c089ab1c2679133bfc64969c9efb29f892acc24d2366501184d7ca29664f0a8c0772eaca82f7b22bc92dc888
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-