f9e9a63a33278686754cd9ab810f1b19d429c5de3a43fc71407418dbf4a74977 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

bonif_4778965.doc

windows7_x64

5

bonif_4778965.doc

windows10_x64

5

Resubmissions

26-01-2021 15:14

210126-1wjb7tm7tj 8

22-01-2021 06:48

210122-lfe2lye8px 8

Sharing

General

Target

bonif_4778965.doc
Size

81KB
Sample

210122-lfe2lye8px
MD5

f4870c1a4b171f002dc8ea28a974353c
SHA1

5feb29b6f20b663d0bc52ab04dad1cf0abdc8471
SHA256

f9e9a63a33278686754cd9ab810f1b19d429c5de3a43fc71407418dbf4a74977
SHA512

382db2d1c90cd7805b65a1d8d9adf2a944d62589708654eba7bb4833f9e915bf14d8e40e999a572798265cbe08e87e14da48e44e6ffd4ad646f0486aa14ffac0

Score

8^/10

macro ransomware

Static task

static1

Behavioral task

behavioral1

Sample

bonif_4778965.doc

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

bonif_4778965.doc

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  bonif_4778965.doc
- Size
  
  81KB
- MD5
  
  f4870c1a4b171f002dc8ea28a974353c
- SHA1
  
  5feb29b6f20b663d0bc52ab04dad1cf0abdc8471
- SHA256
  
  f9e9a63a33278686754cd9ab810f1b19d429c5de3a43fc71407418dbf4a74977
- SHA512
  
  382db2d1c90cd7805b65a1d8d9adf2a944d62589708654eba7bb4833f9e915bf14d8e40e999a572798265cbe08e87e14da48e44e6ffd4ad646f0486aa14ffac0
Score

5^/10

ransomware
- Enumerates physical storage devices
  Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy