General
-
Target
da399252_by_Libranalysis
-
Size
68KB
-
Sample
210510-x4crppexyj
-
MD5
da3992522a61736e5dbc5c32978f05fe
-
SHA1
670f0d608571fa8d799a98232cf2c16e8ccb9289
-
SHA256
e6afaabd1e4a2c7adeedca6ee0ed095271a53a293162e3cf7ed52d570279258e
-
SHA512
a2c3eee48add8eabf4fbe86a9e699fda302c143823f6ea3a629becf03d3d539aacfeabce52514e4b73e0db6d827031aec13e576a113f0aec92d0f7eb92f1c32a
Static task
static1
Behavioral task
behavioral1
Sample
da399252_by_Libranalysis.doc
Resource
win7v20210408
Behavioral task
behavioral2
Sample
da399252_by_Libranalysis.doc
Resource
win10v20210410
Malware Config
Targets
-
-
Target
da399252_by_Libranalysis
-
Size
68KB
-
MD5
da3992522a61736e5dbc5c32978f05fe
-
SHA1
670f0d608571fa8d799a98232cf2c16e8ccb9289
-
SHA256
e6afaabd1e4a2c7adeedca6ee0ed095271a53a293162e3cf7ed52d570279258e
-
SHA512
a2c3eee48add8eabf4fbe86a9e699fda302c143823f6ea3a629becf03d3d539aacfeabce52514e4b73e0db6d827031aec13e576a113f0aec92d0f7eb92f1c32a
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-