26ff73d61dd6b810ed9e69aa74426b3934e3d575ac5a7c5b15eb889b8b927add | Triage

Submit
Reports

Overview

overview

Static

static

8

material,010.21.doc

windows7_x64

material,010.21.doc

windows10_x64

Sharing

General

Target

material,010.21.doc
Size

34KB
Sample

211021-s4c75sbdbm
MD5

dc73aee9c97fb76e959bb258ded63cac
SHA1

701f8a6067cee2dbde89f7a2445d862f5a272234
SHA256

26ff73d61dd6b810ed9e69aa74426b3934e3d575ac5a7c5b15eb889b8b927add
SHA512

86456549ef6ec06554ffcbc0696cf2d5448f03387a6408cb88f07c66e0986eb6e925ae65b1695c1fa48a1e4448eaff78e8b9d6216b97073666ff1e3db2355451

Score

10^/10

macro

Static task

static1

Behavioral task

behavioral1

Sample

material,010.21.doc

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

material,010.21.doc

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  material,010.21.doc
- Size
  
  34KB
- MD5
  
  dc73aee9c97fb76e959bb258ded63cac
- SHA1
  
  701f8a6067cee2dbde89f7a2445d862f5a272234
- SHA256
  
  26ff73d61dd6b810ed9e69aa74426b3934e3d575ac5a7c5b15eb889b8b927add
- SHA512
  
  86456549ef6ec06554ffcbc0696cf2d5448f03387a6408cb88f07c66e0986eb6e925ae65b1695c1fa48a1e4448eaff78e8b9d6216b97073666ff1e3db2355451
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy