General
-
Target
rheinmetall_job_requirements.doc
-
Size
1.4MB
-
Sample
210505-sbl9r7g4ba
-
MD5
f86fb4a63cdff302af2ccf2b2663d757
-
SHA1
3d57c7680f3f9351164f75a7d477a815e39b0389
-
SHA256
ffec6e6d4e314f64f5d31c62024252abde7f77acdd63991cb16923ff17828885
-
SHA512
ca6ae1fb6c50e1915e320e7dd6a663bb4fbd0f537a5ab6d3135e07ea69e57e5a9113703378c7b72c9598cb8aea8750a5d35e1d03a097ceb25cc486cf29f80cf4
Static task
static1
Behavioral task
behavioral1
Sample
rheinmetall_job_requirements.doc
Resource
win7v20210408
Behavioral task
behavioral2
Sample
rheinmetall_job_requirements.doc
Resource
win10v20210410
Malware Config
Targets
-
-
Target
rheinmetall_job_requirements.doc
-
Size
1.4MB
-
MD5
f86fb4a63cdff302af2ccf2b2663d757
-
SHA1
3d57c7680f3f9351164f75a7d477a815e39b0389
-
SHA256
ffec6e6d4e314f64f5d31c62024252abde7f77acdd63991cb16923ff17828885
-
SHA512
ca6ae1fb6c50e1915e320e7dd6a663bb4fbd0f537a5ab6d3135e07ea69e57e5a9113703378c7b72c9598cb8aea8750a5d35e1d03a097ceb25cc486cf29f80cf4
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Deletes itself
-
Loads dropped DLL
-