General
Target: LATE ESTATE GOVENDER.docx
Size: 10KB
Sample: 210520-1h1rpz6h72
MD5: ecb02fbc03e5081a20ee10b35eb1efe8
SHA1: d41872cf3b63ef4b2292c3aed946e8515d2b9dda
SHA256: ff71526ee8d92ee36f36e5daa68bfc81e64a71931b2baf14b350a38d25ac5f10
SHA512: cc23a244487612e9c317e4b9d07b73e1315f25257aa60f6b9bb84bc9dbf3c4c16e59e561a0301c3dd4376a314abde733f212d43fde0c2c924e047a8b1ac65e2f
Static task: static1
Behavioral task: behavioral1
Sample: LATE ESTATE GOVENDER.docx
Resource: win7v20210408
Behavioral task: behavioral2
Sample: LATE ESTATE GOVENDER.docx
Resource: win10v20210408
Malware Config
Extracted
http://wordfiletransfertocustomer.mangospot.net/-.......................................-.........................-/...........................................wbk
Targets
Target: LATE ESTATE GOVENDER.docx
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Abuses OpenXML format to download file from external location