General

  • Target

    WDATP_File_Sample_d812a1bd6cd29c2d262407d51cb22b2b07ccceed.zip

  • Size

    64KB

  • Sample

    210303-yj59t68spe

  • MD5

    9d50ee5334ccf54c153ef905ce8534b2

  • SHA1

    f720eb6a1404c49e4f459b1f0584adb50ecd6458

  • SHA256

    35133e271ff32a90cb25e9f28dc452eba03af3c7dba4fa40e38979c715352b1a

  • SHA512

    51d41b4e4ac84bafaede60da83b44f59eeac40f28d73ed5614ae2e2ac0acdf9261d468385af151ad015ec7898e5d6d52194715df8a7e5217d4ac15dc841e0e47

Score
10/10

Targets

    • Target

      DWH2B04.doc

    • Size

      77KB

    • MD5

      c9cc2b74dd08bf4d0847063408ba0456

    • SHA1

      d812a1bd6cd29c2d262407d51cb22b2b07ccceed

    • SHA256

      0cd5b492cc849b19858492a05fd441012f302ea297085c5ff4cbb752f64fccba

    • SHA512

      6fb4d6495deba74abb313468bc3a2a209727a776f0b88706de101a5f904331677e6a73b348a1ed87cd3457a8ae130cdf41538edb86cd9eac8acfc0b700db4c78

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
