General
Target: instrument indenture-05.21.doc
Size: 78KB
Sample: 210510-wlgsc6p9nj
MD5: b8a5d644bbe659e619ac0dde076960d9
SHA1: 77700989ee5b3ef04e0469a7a4d13c90b074f6aa
SHA256: 1ed65f0a0c90e54e57fd37a9abf4aecd383dbf79b62016bd4f59e092b3b24606
SHA512: 8ec672a25693772850ab5caeb3a1b0db7fb3b1cbdd24f368fb705b2810528d5a3ede9fff3e537541f4ef69a611599a28b804ff68ed5b8163b558e24654669429
Static task
static1
Behavioral task
behavioral1
Sample
instrument indenture-05.21.doc
Resource
win7v20210408
Behavioral task
behavioral2
Sample
instrument indenture-05.21.doc
Resource
win10v20210410
Malware Config
Targets
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Suspicious use of NtCreateProcessExOtherParentProcess
Blocklisted process makes network request