bc692c42c9c300e9ea559d6cdd74239d85339b60918b1c712db7078c1298421a | Triage

Submit
Reports

Overview

overview

Static

static

8

Request fo...Q).ppt

windows7_x64

Request fo...Q).ppt

windows10_x64

Sharing

General

Target

Request for Quotation via ShipServ 7465649870 RFQ).ppt
Size

66KB
Sample

210305-ver8y4ekt6
MD5

e4405847f94ce7a7ff1cf42754030467
SHA1

3c183881bab3a09576a24da6c6aceaf106e97f1b
SHA256

bc692c42c9c300e9ea559d6cdd74239d85339b60918b1c712db7078c1298421a
SHA512

cf8f7b945ae3df26e929cb28c1eeb0e3dd27620dd92c4c8749e2d18a226bcda6540ce36fcedd02c4f0d0333e5129b66d12e86b8a8d7298662d6b2dc3c027c6b9

Score

10^/10

macro

Static task

static1

Behavioral task

behavioral1

Sample

Request for Quotation via ShipServ 7465649870 RFQ).ppt

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Request for Quotation via ShipServ 7465649870 RFQ).ppt

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Request for Quotation via ShipServ 7465649870 RFQ).ppt
- Size
  
  66KB
- MD5
  
  e4405847f94ce7a7ff1cf42754030467
- SHA1
  
  3c183881bab3a09576a24da6c6aceaf106e97f1b
- SHA256
  
  bc692c42c9c300e9ea559d6cdd74239d85339b60918b1c712db7078c1298421a
- SHA512
  
  cf8f7b945ae3df26e929cb28c1eeb0e3dd27620dd92c4c8749e2d18a226bcda6540ce36fcedd02c4f0d0333e5129b66d12e86b8a8d7298662d6b2dc3c027c6b9
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy