General
Target: List-1784049.doc
Size: 173KB
Sample: 210303-w5ydwmvgme
MD5: eb443d24f4b23bb2237618939710b264
SHA1: d4580dcd975342df4ff019ba06c06334e35b5c04
SHA256: 360933d3dc4789e0447d2ac88505be8be991ff6bb94dbf51524d5a368d77a1a4
SHA512: a374a1e77a6bbd920efcc3a8ec2700eada52c160bedf147c1ba79f5dce1ce7def33bb842426f483149da8457a9b7d67bf654c05b4bbf8cd3d570df04c1350c35
Static task: static1
Behavioral task: behavioral1
Sample: List-1784049.doc
Resource: win7v20201028
Behavioral task: behavioral2
Sample: List-1784049.doc
Resource: win10v20201028
Malware Config
Extracted
http://globaliaespacios.com/wp-includes/OXjBq028664/
http://lupusalimentos.com.br/assinatura/ooJNJihAvv/
https://maniot.com/TN3611948/
https://mickreevesmodels.co.uk/micks_chat/bzqL9/
http://markantes.com/jason/QuPn889/
Targets
Target: List-1784049.doc
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory