General
-
Target
315644e7ccc27084de88d6108f59edde58a8775584bdf2e5fbb22841cc353e5d
-
Size
487KB
-
Sample
220520-fp414adggk
-
MD5
05cb50f35c90a9373786deaf55bf72c8
-
SHA1
e5604680b11e788d04b906d3e2560fa44e498b2c
-
SHA256
315644e7ccc27084de88d6108f59edde58a8775584bdf2e5fbb22841cc353e5d
-
SHA512
864e6955ff303560e120d0fde43898809e2542e1c19aa2cbd12168c6804bb660f67270ee33919f651b4b8bc2526e785d193d5ffbdc0f90b8fa0e6ee1beb9d64c
Static task
static1
Behavioral task
behavioral1
Sample
315644e7ccc27084de88d6108f59edde58a8775584bdf2e5fbb22841cc353e5d.docm
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
315644e7ccc27084de88d6108f59edde58a8775584bdf2e5fbb22841cc353e5d.docm
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
315644e7ccc27084de88d6108f59edde58a8775584bdf2e5fbb22841cc353e5d
-
Score
10/10
-
Ostap JavaScript Downloader
Ostap is a JavaScript downloader that's been active since 2016. It's used to deliver several families, including TrickBot.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Process spawned suspicious child process
This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
-