General
-
Target
WDATP_File_Sample_d812a1bd6cd29c2d262407d51cb22b2b07ccceed.zip
-
Size
64KB
-
Sample
210303-yj59t68spe
-
MD5
9d50ee5334ccf54c153ef905ce8534b2
-
SHA1
f720eb6a1404c49e4f459b1f0584adb50ecd6458
-
SHA256
35133e271ff32a90cb25e9f28dc452eba03af3c7dba4fa40e38979c715352b1a
-
SHA512
51d41b4e4ac84bafaede60da83b44f59eeac40f28d73ed5614ae2e2ac0acdf9261d468385af151ad015ec7898e5d6d52194715df8a7e5217d4ac15dc841e0e47
Static task
static1
Behavioral task
behavioral1
Sample
DWH2B04.doc
Resource
win7v20201028
Behavioral task
behavioral2
Sample
DWH2B04.doc
Resource
win10v20201028
Malware Config
Targets
-
-
Target
DWH2B04.doc
-
Size
77KB
-
MD5
c9cc2b74dd08bf4d0847063408ba0456
-
SHA1
d812a1bd6cd29c2d262407d51cb22b2b07ccceed
-
SHA256
0cd5b492cc849b19858492a05fd441012f302ea297085c5ff4cbb752f64fccba
-
SHA512
6fb4d6495deba74abb313468bc3a2a209727a776f0b88706de101a5f904331677e6a73b348a1ed87cd3457a8ae130cdf41538edb86cd9eac8acfc0b700db4c78
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-