b5d33f100cfaf6088a506807168093ece7872d028b05bd706158cbb1171a50a0 | Triage

Submit
Reports

Overview

overview

Static

static

8

587faadcbc...c8.doc

windows7_x64

587faadcbc...c8.doc

windows10_x64

1

Sharing

General

Target

587faadcbc9befc18e0a30e113cfa7c8.doc
Size

323KB
Sample

210308-dkpkheexvx
MD5

587faadcbc9befc18e0a30e113cfa7c8
SHA1

5b98b9e81a551f59a93b135e1920fd7c8a348829
SHA256

b5d33f100cfaf6088a506807168093ece7872d028b05bd706158cbb1171a50a0
SHA512

82c7f911ab1016ecea045d6692fb06cd61eb9d1f3b2743d40b877422cf4b9e22513a4034e2a6ed26cfde466ad24d5497d8098ab9971da73645169ae618805b9f

Score

10^/10

macro macro_on_action

Static task

static1

macro macro_on_action

Behavioral task

behavioral1

Sample

587faadcbc9befc18e0a30e113cfa7c8.doc

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

587faadcbc9befc18e0a30e113cfa7c8.doc

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  587faadcbc9befc18e0a30e113cfa7c8.doc
- Size
  
  323KB
- MD5
  
  587faadcbc9befc18e0a30e113cfa7c8
- SHA1
  
  5b98b9e81a551f59a93b135e1920fd7c8a348829
- SHA256
  
  b5d33f100cfaf6088a506807168093ece7872d028b05bd706158cbb1171a50a0
- SHA512
  
  82c7f911ab1016ecea045d6692fb06cd61eb9d1f3b2743d40b877422cf4b9e22513a4034e2a6ed26cfde466ad24d5497d8098ab9971da73645169ae618805b9f
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

macromacro_on_action

behavioral1

behavioral2

© 2018-2024

Terms | Privacy