General
-
Target
2ab98ac09ef0db9eaef3b2ecc09a6ef42d6977cba89ac08781f0751572d5b16b
-
Size
638KB
-
Sample
220524-zp7xjabhaj
-
MD5
5b769ca4f7175d282c3f34135148bd80
-
SHA1
7c13ba85e98e46b5a17f77ea36ccf54946913633
-
SHA256
2ab98ac09ef0db9eaef3b2ecc09a6ef42d6977cba89ac08781f0751572d5b16b
-
SHA512
e9144c58cc1d10f0537f21d9515dfaa59e8a39e4f6ddc299fcd67f0062d8bfd27ee2fd61c2f6fb44c08ccbd39336a1072048507fc52a6306780e7c56738f333a
Static task
static1
Behavioral task
behavioral1
Sample
2ab98ac09ef0db9eaef3b2ecc09a6ef42d6977cba89ac08781f0751572d5b16b.docm
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
2ab98ac09ef0db9eaef3b2ecc09a6ef42d6977cba89ac08781f0751572d5b16b.docm
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
2ab98ac09ef0db9eaef3b2ecc09a6ef42d6977cba89ac08781f0751572d5b16b
Score
10/10
-
Ostap JavaScript Downloader
Ostap is a JavaScript downloader that's been active since 2016. It's used to deliver several families, including TrickBot.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Process spawned suspicious child process
This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
-