General
-
Target
documents.08.010.2020.doc
-
Size
103KB
-
Sample
220926-c4gbssabhj
-
MD5
8048d47ea9f0413ab0eab7af519d7484
-
SHA1
0798338a1b3343ff9455f4c46704fa6e40bf17c0
-
SHA256
13bbdfee503648ce33da31f677f27e783c443f23a8a62a7b7b3ffbd28542a0b4
-
SHA512
8b346b77e7a19f4caba92b0957bf0f12abacdd2ba194927b9ec9b0300b27ba6bbbc3c5629b59f303e4d6e67b0740c4904c0d6609cf9d50fb9fd18255b0cc39ef
-
SSDEEP
3072:Wcl38UZUKUq3x3CXZWLd4xPiGosHZCZkBiLX:d38UZUKUgQWh0PVosHykMT
Behavioral task
behavioral1
Sample
documents.08.010.2020.docm
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
documents.08.010.2020.docm
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
documents.08.010.2020.doc
-
Size
103KB
-
MD5
8048d47ea9f0413ab0eab7af519d7484
-
SHA1
0798338a1b3343ff9455f4c46704fa6e40bf17c0
-
SHA256
13bbdfee503648ce33da31f677f27e783c443f23a8a62a7b7b3ffbd28542a0b4
-
SHA512
8b346b77e7a19f4caba92b0957bf0f12abacdd2ba194927b9ec9b0300b27ba6bbbc3c5629b59f303e4d6e67b0740c4904c0d6609cf9d50fb9fd18255b0cc39ef
-
SSDEEP
3072:Wcl38UZUKUq3x3CXZWLd4xPiGosHZCZkBiLX:d38UZUKUgQWh0PVosHykMT
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Loads dropped DLL
-