General
Target: legal paper-06.18.2021.doc
Size: 45KB
Sample: 210618-8kq2hf4l36
MD5: 431c63dfcdbee4be13b948b6340382ce
SHA1: f60de0bd4c89c99fc385f72636f50135387a3121
SHA256: 9c3557c82143354e46734497c9237af055f29f8335460e26867e2662ca38926c
SHA512: f6471d7b7393dd2b5febbdde0b0ae4bf86fa3418afcb7443e906e0ca717d8700cbb86fcc0995cdd8667a87f349706f02956f1906033a3fe68644eced092f5b41
Static task: static1
Behavioral task: behavioral1
Sample: legal paper-06.18.2021.doc
Resource: win7v20210410
Behavioral task: behavioral2
Sample: legal paper-06.18.2021.doc
Resource: win10v20210410
Malware Config
Extracted
gozi_ifsb
6000
authd.feronok.com
app.bighomegl.at
build: 250204
exe_type: loader
server_id: 580
Targets
Target: legal paper-06.18.2021.doc
Process spawned unexpected child process: This typically indicates the parent process was compromised via an exploit or macro.
Downloads MZ/PE file
Loads dropped DLL