7e62faffb62feaab58ebbf73204c4166669a857fd93c2a019e55d740929bc1f5 | Triage

Submit
Reports

Overview

overview

8

Static

static

RFQ _ T-62...rs.doc

windows7_x64

8

RFQ _ T-62...rs.doc

windows10_x64

1

Sharing

General

Target

RFQ _ T-628 _ DI fire detectors.doc
Size

4KB
Sample

210504-yq5pla7mq6
MD5

7d3904d6c520a459b57d804bc54e313a
SHA1

5d00835d8c1933d5c6f4202caf449159575ae047
SHA256

7e62faffb62feaab58ebbf73204c4166669a857fd93c2a019e55d740929bc1f5
SHA512

466f04e9660ef1910b09e8704ac2ed0a6f1ea6e7b8b70f4211b7e6006ff598c3f562d937c38236f365148becd1833f95dc5e566a172b4fd55cd3aa55da1a6b11

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

RFQ _ T-628 _ DI fire detectors.doc

Resource

win7v20210408

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

RFQ _ T-628 _ DI fire detectors.doc

Resource

win10v20210410

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  RFQ _ T-628 _ DI fire detectors.doc
- Size
  
  4KB
- MD5
  
  7d3904d6c520a459b57d804bc54e313a
- SHA1
  
  5d00835d8c1933d5c6f4202caf449159575ae047
- SHA256
  
  7e62faffb62feaab58ebbf73204c4166669a857fd93c2a019e55d740929bc1f5
- SHA512
  
  466f04e9660ef1910b09e8704ac2ed0a6f1ea6e7b8b70f4211b7e6006ff598c3f562d937c38236f365148becd1833f95dc5e566a172b4fd55cd3aa55da1a6b11
Score

8^/10
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy