Overview

overview

8

Static

static

8

bc33970f8f...d3.doc

windows7_x64

5

bc33970f8f...d3.doc

windows10_x64

5

Resubmissions

21-01-2021 15:23

210121-ljpevdw1ve 8

17-12-2020 22:10

201217-t143zp7zpa 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bc33970f8fd9d889e5e9139a27eb1b7e896d303b2486b4f8a81b22db03c7aad3.doc

  • Size

    59KB

  • Sample

    210121-ljpevdw1ve

  • MD5

    3f800c4e7499313d94e7b5b340e74bde

  • SHA1

    531904218d798930796fb6019811be5a1765fd11

  • SHA256

    bc33970f8fd9d889e5e9139a27eb1b7e896d303b2486b4f8a81b22db03c7aad3

  • SHA512

    5c91ae537fd5a135773a0b41e942f06a1f2eaf43c089ab1c2679133bfc64969c9efb29f892acc24d2366501184d7ca29664f0a8c0772eaca82f7b22bc92dc888

Score
8/10
macroransomware

Malware Config

Targets

    • Target

      bc33970f8fd9d889e5e9139a27eb1b7e896d303b2486b4f8a81b22db03c7aad3.doc

    • Size

      59KB

    • MD5

      3f800c4e7499313d94e7b5b340e74bde

    • SHA1

      531904218d798930796fb6019811be5a1765fd11

    • SHA256

      bc33970f8fd9d889e5e9139a27eb1b7e896d303b2486b4f8a81b22db03c7aad3

    • SHA512

      5c91ae537fd5a135773a0b41e942f06a1f2eaf43c089ab1c2679133bfc64969c9efb29f892acc24d2366501184d7ca29664f0a8c0772eaca82f7b22bc92dc888

    Score
    5/10
    ransomware

    • Enumerates physical storage devices

      Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

3
T1082

Query Registry

2
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks