General

  • Target

    48c247e5dc712829c5af6a481e0466eb4c92d6ba88bd21bf396a72bd1b2ef22d

  • Size

    89KB

  • Sample

    220731-j54baagham

  • MD5

    e1aa1560568d4abcc34ea3d92d431abb

  • SHA1

    b44664fc22f810080ea04d16903ea52099881d77

  • SHA256

    48c247e5dc712829c5af6a481e0466eb4c92d6ba88bd21bf396a72bd1b2ef22d

  • SHA512

    5e28911577c51c98a69345f92aed04df9c6b9c66cb961417fa7a92e31aae084c1353a8c7a52a84f06738cc34c9bac5fcaadfbd6d3f833581523d9ae34873ef60

Score
10/10

Malware Config

Targets

    • Target

      48c247e5dc712829c5af6a481e0466eb4c92d6ba88bd21bf396a72bd1b2ef22d

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
