General
-
Target
3d0c3f3d464a8229480b6d4a024d2982c72d67942d8ee245dd91da1a26ddd22a
-
Size
670KB
-
Sample
220201-h7lzcaagbl
-
MD5
dfcdb189eafa87b66861d3d110e17f7a
-
SHA1
c05d97f19fe2defb98bad06fcfbc2af447f7e921
-
SHA256
3d0c3f3d464a8229480b6d4a024d2982c72d67942d8ee245dd91da1a26ddd22a
-
SHA512
fdaa7f8fa5276abff70a7bb0b21136e0d6780d5288cda5cc778719c54a26167db50ee16ded04c7be8ee04368d8f1ad4f1bb3ab6a427e1a6d8dc8c85d3b129a25
Static task
static1
Behavioral task
behavioral1
Sample
3d0c3f3d464a8229480b6d4a024d2982c72d67942d8ee245dd91da1a26ddd22a.doc
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
3d0c3f3d464a8229480b6d4a024d2982c72d67942d8ee245dd91da1a26ddd22a.doc
Resource
win10v2004-en-20220113
Malware Config
Targets
Score 10/10
Ostap JavaScript Downloader
Ostap is a JavaScript downloader that's been active since 2016. It's used to deliver several families, including TrickBot.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Sets service image path in registry
-
Contains header used in .cmd/.bat files for embedding JavaScript code
-