Overview

overview

10

Static

static

8

Doc_06162020.doc

windows7_x64

10

Doc_06162020.doc

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    54d2448355d298c883e885dcf56ee943fa926ba42c46bb8d06722772653619b1

  • Size

    368KB

  • Sample

    220521-m8xvfsgdcl

  • MD5

    91b990b76aeb393f52c5581f830597a8

  • SHA1

    b8357f9c4209388dce5a30e05c5af458349ac7b2

  • SHA256

    54d2448355d298c883e885dcf56ee943fa926ba42c46bb8d06722772653619b1

  • SHA512

    cfea923bda9d0e56e4d156a929d89bb68d78b654fa65078bb99928543dee8ecc9975aa0b724b7320042cbf542e12dd7f2fc3ab848a24fda906b8e8ef3e91583a

Score
10/10
macro

Malware Config

Targets

    • Target

      Doc_06162020.doc

    • Size

      509KB

    • MD5

      1cc3e165448a1507ce5e59b18a7de037

    • SHA1

      1f88a72ea7e6819edbe8af361e2258d661fc9ea5

    • SHA256

      5740597cab760481789304022438aac74fc44994073c340b08577ee582dba776

    • SHA512

      c01b6cd16f7075882250f8fa4bda864e8f7373afae637118ac20b6d3ffd9a371a46f9df86eedd69a7df63d867f0cd8714fc317e54e722dd6f5a348cd16f4861f

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks