General
-
Target
proforma invoice.docx
-
Size
10KB
-
Sample
210622-qhmdz1r8pn
-
MD5
82f8c629f87ee2817431ee1caae6500c
-
SHA1
39ab645187be422bef46f84c50e8dde6e382383a
-
SHA256
1e5c7d755892b33d04097940dbc716232e7bde143119d25b282c532c242b5f7a
-
SHA512
638b4f924fac05dd81a7063cdef8bd71172ccb12223f64a746ab919d70613bc75c83c1fd861cee7f3402de1c6d8b9e77e8363d17bea904b5dcb13635e73edc43
Static task
static1
Behavioral task
behavioral1
Sample
proforma invoice.docx
Resource
win7v20210410
Behavioral task
behavioral2
Sample
proforma invoice.docx
Resource
win10v20210408
Malware Config
Extracted
http://0147.0205.0152.0220/....---------------------------------/...............................................wiz
Targets
-
-
Target
proforma invoice.docx
-
Size
10KB
-
MD5
82f8c629f87ee2817431ee1caae6500c
-
SHA1
39ab645187be422bef46f84c50e8dde6e382383a
-
SHA256
1e5c7d755892b33d04097940dbc716232e7bde143119d25b282c532c242b5f7a
-
SHA512
638b4f924fac05dd81a7063cdef8bd71172ccb12223f64a746ab919d70613bc75c83c1fd861cee7f3402de1c6d8b9e77e8363d17bea904b5dcb13635e73edc43
Score8/10-
Blocklisted process makes network request
-
Abuses OpenXML format to download file from external location
-