General

  • Target

    e75b2858a88962cfb7818a6908ad01a9682b0074e5f996cede0f59c8a83a3908

  • Size

    71KB

  • Sample

    220201-dnb8ksgch2

  • MD5

    451ba7b81467b1f901b347d94e0b8bd8

  • SHA1

    62b4acdf2515930af282ffac34e6e7e7bba8366c

  • SHA256

    e75b2858a88962cfb7818a6908ad01a9682b0074e5f996cede0f59c8a83a3908

  • SHA512

    1f1489718d4c28d29c7f6eae0a619cd28e84e745ba83b83b7269559e6625fa5c506930b7c9c8bb76b8030605f6f0ab589674d569bd9fc9573abe8958bafbd72a

Score
10/10

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
