General
-
Target
order_07.21.doc
-
Size
87KB
-
Sample
210722-7eytmvrhpa
-
MD5
401b19c454075d52bd832725f3c22cfe
-
SHA1
088f76c184a0cba673abc41bd5582e4e21672fdd
-
SHA256
6b94e6319e46f52058d5f0c1bc07d7e367152e3bb769f2fd1af097914fe64ce3
-
SHA512
b83ddf0a5dc6174591e0c07a1b87f5ffb5a1efa731913707829195415bed70a5dff43d9669e948e509fd3e77d15986391e1e01b9344c2694dd1b0fba5b87f894
Static task
static1
Behavioral task
behavioral1
Sample
order_07.21.doc
Resource
win7v20210410
Behavioral task
behavioral2
Sample
order_07.21.doc
Resource
win10v20210410
Malware Config
Targets
-
-
Target
order_07.21.doc
-
Size
87KB
-
MD5
401b19c454075d52bd832725f3c22cfe
-
SHA1
088f76c184a0cba673abc41bd5582e4e21672fdd
-
SHA256
6b94e6319e46f52058d5f0c1bc07d7e367152e3bb769f2fd1af097914fe64ce3
-
SHA512
b83ddf0a5dc6174591e0c07a1b87f5ffb5a1efa731913707829195415bed70a5dff43d9669e948e509fd3e77d15986391e1e01b9344c2694dd1b0fba5b87f894
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Suspicious use of NtCreateProcessExOtherParentProcess
-