e84ebc631097ce15d13619b704d140da2398f7b1502be388f5081ebe66c6aedf | Triage

Submit
Reports

Overview

overview

8

Static

static

Impact of ...an.doc

windows7_x64

8

Sharing

General

Target

Impact of US and NATO Withdrawal from Afghanistan.doc
Size

125KB
Sample

210712-vrdhabjl9x
MD5

9fae1aa8db790fac114359c34425a727
SHA1

ccc402845b46285d04d1d45db964f3c1a0df51d5
SHA256

e84ebc631097ce15d13619b704d140da2398f7b1502be388f5081ebe66c6aedf
SHA512

6263f15c93131a11b851192dd92c4e179983c0c89f94a60cb194577dffb7590dd465545a292a09ac0d9c291f66492c17473f66eb1609391bdb8487b047ba5b99

Score

8^/10

macro xlm

Static task

static1

Behavioral task

behavioral1

Sample

Impact of US and NATO Withdrawal from Afghanistan.doc

Resource

win7v20210410

windows7_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Impact of US and NATO Withdrawal from Afghanistan.doc
- Size
  
  125KB
- MD5
  
  9fae1aa8db790fac114359c34425a727
- SHA1
  
  ccc402845b46285d04d1d45db964f3c1a0df51d5
- SHA256
  
  e84ebc631097ce15d13619b704d140da2398f7b1502be388f5081ebe66c6aedf
- SHA512
  
  6263f15c93131a11b851192dd92c4e179983c0c89f94a60cb194577dffb7590dd465545a292a09ac0d9c291f66492c17473f66eb1609391bdb8487b047ba5b99
Score

8^/10

macro xlm
- Blocklisted process makes network request
- Executes dropped EXE
- Suspicious Office macro
  Office document equipped with 4.0 macros.
  macro xlm
- Abuses OpenXML format to download file from external location
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Exploitation for Client Execution

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy