General
Target: maldoc.bin
Size: 68KB
Sample: 210513-qyq3j7ejea
MD5: 7abe6d890f58d5a0b421edb2d4eed932
SHA1: a9c31dbfd581bcbb7236c828c6cc9dac13dbc6be
SHA256: 02e62eeb73ac0c0fa55cc203fbee23420a848cf991106eca3f75e8863a0cb4e5
SHA512: 488a7397cf9644c42a8b5a831f4a0e3a2ad99fc4cb7fe4d617ee8bd4085459f54a34be868c752c57375bba10e6dfa9ac5f7424aa0bb233943c1cb48f5d95bebc

Static task: static1

Behavioral task: behavioral1
Sample: maldoc.bin.doc
Resource: win7v20210410

Behavioral task: behavioral2
Sample: maldoc.bin.doc
Resource: win10v20210408

Malware Config
Targets
Target: maldoc.bin
Score: 10/10

- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.