General
-
Target
Liste397__12.01.2021_Carsamba.docx
-
Size
208KB
-
Sample
210114-xyzq9ek6j2
-
MD5
dc41aa50be50697423ef1d266b9b1050
-
SHA1
6c90e082b24ceddbc02176be64a2f914e813ab48
-
SHA256
69275397c8f8bdc2b2f24c960375d9301a472a70b5f48f3ef4d72e2958e05a87
-
SHA512
a3f22a198cbca0dfddbebeb97a5eb32a2e327ed3d072b2fcb6f37ff44c863e93e47ee1fd436ca1f48109d52495fe1864f258b0622bbac7e5dc6a59d36e5d3a99
Static task
static1
Behavioral task
behavioral1
Sample
Liste397__12.01.2021_Carsamba.docx
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Liste397__12.01.2021_Carsamba.docx
Resource
win10v20201028
Malware Config
Targets
-
-
Target
Liste397__12.01.2021_Carsamba.docx
-
Size
208KB
-
MD5
dc41aa50be50697423ef1d266b9b1050
-
SHA1
6c90e082b24ceddbc02176be64a2f914e813ab48
-
SHA256
69275397c8f8bdc2b2f24c960375d9301a472a70b5f48f3ef4d72e2958e05a87
-
SHA512
a3f22a198cbca0dfddbebeb97a5eb32a2e327ed3d072b2fcb6f37ff44c863e93e47ee1fd436ca1f48109d52495fe1864f258b0622bbac7e5dc6a59d36e5d3a99
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-