791a45eee838e037f6101691af2417eee3b5cccb96e9e9ab25ffce679471a6d9 | Triage

Submit
Reports

Overview

overview

Static

static

8

instruct 05.21.doc

windows7_x64

instruct 05.21.doc

windows10_x64

Sharing

General

Target

instruct 05.21.doc
Size

79KB
Sample

210510-anywj7yq82
MD5

bf286f85a3b7893bead31dbe09feec4d
SHA1

2c174a0a7dd939c186d99e6930176937e5c004e0
SHA256

791a45eee838e037f6101691af2417eee3b5cccb96e9e9ab25ffce679471a6d9
SHA512

fe88b0942223abd00218ec8712c12f399b6139d66ec74fc42acef0a085307057a2030c2c97eb68b935ac72d3ee9e62f6e645ab34fc950dc9617a2eb8f270e966

Score

10^/10

macro

Static task

static1

Behavioral task

behavioral1

Sample

instruct 05.21.doc

Resource

win7v20210410

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

instruct 05.21.doc

Resource

win10v20210408

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  instruct 05.21.doc
- Size
  
  79KB
- MD5
  
  bf286f85a3b7893bead31dbe09feec4d
- SHA1
  
  2c174a0a7dd939c186d99e6930176937e5c004e0
- SHA256
  
  791a45eee838e037f6101691af2417eee3b5cccb96e9e9ab25ffce679471a6d9
- SHA512
  
  fe88b0942223abd00218ec8712c12f399b6139d66ec74fc42acef0a085307057a2030c2c97eb68b935ac72d3ee9e62f6e645ab34fc950dc9617a2eb8f270e966
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy