General
Target: July_RQF_SGD894_CODE_ 850.doc
Size: 43KB
Sample: 210511-y1h3m3kt5a
MD5: 3fce454b5a5ba7d73cc2b2560f69a48a
SHA1: b9321f7d1bbb1e020b03b676bd23d53e9ff6c17e
SHA256: b9c87683d4000e24d419ebe199d2c55dbb9757d5cc8f4e6d9a0295e963cbb07c
SHA512: fc35cb2957f15a3cdadf282c1b6d0f876dd710061d7c645618b83a394171723d24ddfecc64d721cb2cb1745e44a283dcc7278d6da9f3a67465e2cb8e760eb943
Static task: static1
Behavioral task: behavioral1
Sample: July_RQF_SGD894_CODE_ 850.doc
Resource: win7v20210410
Behavioral task: behavioral2
Sample: July_RQF_SGD894_CODE_ 850.doc
Resource: win10v20210408
Malware Config
Extracted
http://atlantastunttruckdrivers.com/Denight.exe
Targets
Target: July_RQF_SGD894_CODE_ 850.doc
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Downloads MZ/PE file