General
-
Target
dictate 010.21.doc
-
Size
34KB
-
Sample
211020-zncp1aheh9
-
MD5
3128a1aa061355d275cd323336148c4a
-
SHA1
63b5fba4691c68f0c268fd65b6dda64150b4facc
-
SHA256
1cdae1a82f4320ba429c8aa6cb7b9236bae8edcf5fe67b79242aa0dcce157060
-
SHA512
04d1e8e2b360a87f2e37a1d036cd415c4078546577cdc02528e1f32c64df917b86bb95a011e8b36eed30d3c18bf1633db458feb5140c28e076c2b170f621559a
Static task
static1
Behavioral task
behavioral1
Sample
dictate 010.21.doc
Resource
win7-en-20211014
Behavioral task
behavioral2
Sample
dictate 010.21.doc
Resource
win10-en-20210920
Malware Config
Targets
-
-
Target
dictate 010.21.doc
-
Size
34KB
-
MD5
3128a1aa061355d275cd323336148c4a
-
SHA1
63b5fba4691c68f0c268fd65b6dda64150b4facc
-
SHA256
1cdae1a82f4320ba429c8aa6cb7b9236bae8edcf5fe67b79242aa0dcce157060
-
SHA512
04d1e8e2b360a87f2e37a1d036cd415c4078546577cdc02528e1f32c64df917b86bb95a011e8b36eed30d3c18bf1633db458feb5140c28e076c2b170f621559a
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-