General
-
Target
0120_91448090.doc
-
Size
714KB
-
Sample
210120-vbcf97c9tj
-
MD5
838c2a21783dfaa3bda9813f0e32cf89
-
SHA1
b4beab0f75d1462f3509b15319545c1f18c91449
-
SHA256
f068b16458493f485c6fa0e77281126c6672c76a4cfa0beb195cf180894e674f
-
SHA512
d1f3a3d923f54c2fdcce25933b9f7acf3efb538cdb732dd8a347ec27616ca5d977e4e03c4813a62042609cce6d3ae0933ca2872ebfd4f76eb2cd170c1dded116
Static task
static1
Behavioral task
behavioral1
Sample
0120_91448090.doc
Resource
win7v20201028
Malware Config
Targets
-
-
Target
0120_91448090.doc
-
Size
714KB
-
MD5
838c2a21783dfaa3bda9813f0e32cf89
-
SHA1
b4beab0f75d1462f3509b15319545c1f18c91449
-
SHA256
f068b16458493f485c6fa0e77281126c6672c76a4cfa0beb195cf180894e674f
-
SHA512
d1f3a3d923f54c2fdcce25933b9f7acf3efb538cdb732dd8a347ec27616ca5d977e4e03c4813a62042609cce6d3ae0933ca2872ebfd4f76eb2cd170c1dded116
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Enumerates physical storage devices
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-