General
-
Target
ORD.ppt
-
Size
81KB
-
Sample
210722-yw5vymblkn
-
MD5
fb68f8be8c75736c63464b924ff7c33b
-
SHA1
6546c3af939be5e2a2bce5c03a8d89ec562665f6
-
SHA256
730791498e622e20755f6b0100dd78dc66fd2e99f85aecf1d55626960c1260de
-
SHA512
ef05425c38e63c78099ec4f43c80e9368d53890c75c19470d9dd715fcd169e3af7eec63a5fc078a2fba886974e962ed95fec3a26d3f5b71b079508cf2cc270de
Static task
static1
Behavioral task
behavioral1
Sample
ORD.ppt
Resource
win7v20210408
Behavioral task
behavioral2
Sample
ORD.ppt
Resource
win10v20210410
Malware Config
Targets
-
-
Target
ORD.ppt
-
Size
81KB
-
MD5
fb68f8be8c75736c63464b924ff7c33b
-
SHA1
6546c3af939be5e2a2bce5c03a8d89ec562665f6
-
SHA256
730791498e622e20755f6b0100dd78dc66fd2e99f85aecf1d55626960c1260de
-
SHA512
ef05425c38e63c78099ec4f43c80e9368d53890c75c19470d9dd715fcd169e3af7eec63a5fc078a2fba886974e962ed95fec3a26d3f5b71b079508cf2cc270de
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Process spawned suspicious child process
This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
-