0b5450047f5d2d2a2710902083aba25bd1999e9378fab3e885a90586c8f274e9 | Triage

Submit
Reports

Overview

overview

Static

static

8

direct 010.21.doc

windows7_x64

direct 010.21.doc

windows10_x64

Sharing

General

Target

direct 010.21.doc
Size

34KB
Sample

211021-s37qcsbdbk
MD5

cbfc543998fd4a558517ae61338c48f3
SHA1

779894322ce9ce5fded2aca4ad8717f8aea63ea3
SHA256

0b5450047f5d2d2a2710902083aba25bd1999e9378fab3e885a90586c8f274e9
SHA512

bf0a8a2cc66c4ba467b598bd97f5d4c110443757b6541e4773f07ace795005a5abc517c0ddeb6d99976e1a800181d7bf5ac327e2ad0315542b7845bcb44898f6

Score

10^/10

macro

Static task

static1

Behavioral task

behavioral1

Sample

direct 010.21.doc

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

direct 010.21.doc

Resource

win10-en-20211014

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  direct 010.21.doc
- Size
  
  34KB
- MD5
  
  cbfc543998fd4a558517ae61338c48f3
- SHA1
  
  779894322ce9ce5fded2aca4ad8717f8aea63ea3
- SHA256
  
  0b5450047f5d2d2a2710902083aba25bd1999e9378fab3e885a90586c8f274e9
- SHA512
  
  bf0a8a2cc66c4ba467b598bd97f5d4c110443757b6541e4773f07ace795005a5abc517c0ddeb6d99976e1a800181d7bf5ac327e2ad0315542b7845bcb44898f6
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy