General
-
Target
4616c3a50e0393ababc925b496f04f3687664e9d1c4b7966485a7a9124047214
-
Size
387KB
-
Sample
220201-mjemksddh2
-
MD5
565717192a35dacce33823a8a7f5f897
-
SHA1
542a54656018b6417320a84deb8e92ffec8d58c6
-
SHA256
4616c3a50e0393ababc925b496f04f3687664e9d1c4b7966485a7a9124047214
-
SHA512
e16272d638f4cf43aad99072311adacc812c794c82f7b2adaa8a511959eb51d9b9ce534d0927c90d88e17b599732ac8c217e09673889d14eb34b888494d07177
Static task
static1
Behavioral task
behavioral1
Sample
4616c3a50e0393ababc925b496f04f3687664e9d1c4b7966485a7a9124047214.docm
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
4616c3a50e0393ababc925b496f04f3687664e9d1c4b7966485a7a9124047214.docm
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
4616c3a50e0393ababc925b496f04f3687664e9d1c4b7966485a7a9124047214
-
Score
10/10
-
Ostap JavaScript Downloader
Ostap is a JavaScript downloader that's been active since 2016. It's used to deliver several families, including TrickBot.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Sets service image path in registry
-