General

  • Target

    report-010.21.doc

  • Size

    34KB

  • Sample

    211021-1fgjnabgbk

  • MD5

    b5aeb8860efdadb611317b402c5c2041

  • SHA1

    529499499ecc872c36dc6883a8b26f9233cbe335

  • SHA256

    65268850ea8acf0d95948bee63f12e251526355fb456ba2432a82523bf11c654

  • SHA512

    0cc703ac915d52670c2eab3f19320ff0550cc38a41cb104793944c9d7ca4aa6df453f50deb7406dda00c7af431796ecfc6fb807f30d90cc931aa6f7b8627bf40

Score
10/10

Malware Config

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

  • Modify Registry (T1112): 1

Discovery

  • Query Registry (T1012): 2

  • System Information Discovery (T1082): 2

Tasks