Overview

overview

10

Static

static

8

Informatio...69.doc

windows7_x64

10

Informatio...69.doc

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    493289e6050bf1c1dc7386939e0e6d50fef28c5b0315c2ad81c37cee5989df78

  • Size

    280KB

  • Sample

    220521-m856tsgddl

  • MD5

    396ce5228e1425432555395885b52732

  • SHA1

    893429e5d7e197870adc6b9b89745e19a9a40cbf

  • SHA256

    493289e6050bf1c1dc7386939e0e6d50fef28c5b0315c2ad81c37cee5989df78

  • SHA512

    6a7be3684e7c5adbebe02c797d04e48fe0e9ff9828eab112cfafb262abcc8344bb3e6ae471cf61904e80d8d40675a520fd29f3da3d8dcac0091571ee6c02d6b4

Score
10/10
macro

Malware Config

Targets

    • Target

      Information_79216117869.doc

    • Size

      548KB

    • MD5

      46fb44acc4862a5f3c60b77153676efa

    • SHA1

      b4ad77cf731f93a5b3cc59f152be8f39e752b99f

    • SHA256

      5505b90064bed94dfd3199e71b06f74aeed136f8a1ced57f65e604ba427016ac

    • SHA512

      999724485843a39e0ea7e801fe5ff4ffd4700e139c7a4cde80e59dd2e3b76f84c7d3d4a9863d22f09d6f5f604342ab330b651b58249b0fa4d33f8ce77f43e461

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks