8c90ad677c661e7a71283c828b3d437d086ff2aad3b78b792769b10a67ce8bd8 | Triage

Submit
Reports

Overview

overview

Static

static

8

tell,010.21.doc

windows7_x64

tell,010.21.doc

windows10_x64

Sharing

General

Target

tell,010.21.doc
Size

69KB
Sample

211014-vmhgmsaae2
MD5

323747e2d169559c5180e60e8631bec1
SHA1

68b3c0687e9aec590fb605d54e4b548547be4154
SHA256

8c90ad677c661e7a71283c828b3d437d086ff2aad3b78b792769b10a67ce8bd8
SHA512

5a257c2a2580d61e422568055c65ea299992b0c9dc8c3fdb889a0be60659529b947dde4afc0de0e3e45c862b04c5f7fc79910fb05f60fa036cba389d990b35c5

Score

10^/10

macro xlm

Static task

static1

Behavioral task

behavioral1

Sample

tell,010.21.doc

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

tell,010.21.doc

Resource

win10-en-20211014

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  tell,010.21.doc
- Size
  
  69KB
- MD5
  
  323747e2d169559c5180e60e8631bec1
- SHA1
  
  68b3c0687e9aec590fb605d54e4b548547be4154
- SHA256
  
  8c90ad677c661e7a71283c828b3d437d086ff2aad3b78b792769b10a67ce8bd8
- SHA512
  
  5a257c2a2580d61e422568055c65ea299992b0c9dc8c3fdb889a0be60659529b947dde4afc0de0e3e45c862b04c5f7fc79910fb05f60fa036cba389d990b35c5
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy