General
Target: MY CV.doc
Size: 301KB
Sample: 210122-qnt3123jj2
MD5: 60cd8639fa751aae2797b383518e4014
SHA1: 521f95888c534e2b6492398840bb9b0b0d135def
SHA256: 4caadd38135ab5b1995f116ddb24e6080cf710882640f444465dc0fc09c2cbf3
SHA512: a6ea21bced6072176df5774729ea559772f404abe875d1cbf4344b12341adf4d5c7c1d94eaa1ebfea7c79f44fca947daa9a28e8cd039749a43fbb88e004d5af6
Static task: static1
Behavioral task: behavioral1
Sample: MY CV.doc
Resource: win7v20201028
Behavioral task: behavioral2
Sample: MY CV.doc
Resource: win10v20201028
Malware Config
Targets
Target: MY CV.doc
Score: 8/10
Blocklisted process makes network request
Executes dropped EXE
Loads dropped DLL
Enumerates physical storage devices
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.