General

  • Target

    Outstanding_Payment.doc

  • Size

    545KB

  • Sample

    220914-hlchsahdh5

  • MD5

    3d208656601ef1b311d9561a318121ee

  • SHA1

    11749a67a0405415c7922dd91af846bab33529c4

  • SHA256

    8cb2a498e709898ab2931affa7602b6cf1f936ba602ab1e122717c6d0f7cf727

  • SHA512

    66b37440870301e2aaa3b8b97206d713c5c1a612cfe4599b69d60a4b3313582a6c237379cb9f60f548637c85991b012c7234fc8d84217ffd940e6cc56f743955

  • SSDEEP

    6144:D/pxoQL1U6ewpflmAXw/cDzTCYAfmoXYT7Wj2aBwoXYT7Wj2aBwoXYQa7:jpyf6Rhjrg0g0L

Score
10/10

Targets

    • Target

      Outstanding_Payment.doc

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
