6b94e6319e46f52058d5f0c1bc07d7e367152e3bb769f2fd1af097914fe64ce3 | Triage

Submit
Reports

Overview

overview

Static

static

order_07.21.doc

windows7_x64

order_07.21.doc

windows10_x64

Sharing

General

Target

order_07.21.doc
Size

87KB
Sample

210722-7eytmvrhpa
MD5

401b19c454075d52bd832725f3c22cfe
SHA1

088f76c184a0cba673abc41bd5582e4e21672fdd
SHA256

6b94e6319e46f52058d5f0c1bc07d7e367152e3bb769f2fd1af097914fe64ce3
SHA512

b83ddf0a5dc6174591e0c07a1b87f5ffb5a1efa731913707829195415bed70a5dff43d9669e948e509fd3e77d15986391e1e01b9344c2694dd1b0fba5b87f894

Score

10^/10

Static task

static1

Behavioral task

behavioral1

Sample

order_07.21.doc

Resource

win7v20210410

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

order_07.21.doc

Resource

win10v20210410

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  order_07.21.doc
- Size
  
  87KB
- MD5
  
  401b19c454075d52bd832725f3c22cfe
- SHA1
  
  088f76c184a0cba673abc41bd5582e4e21672fdd
- SHA256
  
  6b94e6319e46f52058d5f0c1bc07d7e367152e3bb769f2fd1af097914fe64ce3
- SHA512
  
  b83ddf0a5dc6174591e0c07a1b87f5ffb5a1efa731913707829195415bed70a5dff43d9669e948e509fd3e77d15986391e1e01b9344c2694dd1b0fba5b87f894
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Suspicious use of NtCreateProcessExOtherParentProcess
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy