f019495a1d4feecc07769dc1fbecccb871634cc707c43befe1ea7aa2c629e337 | Triage

Submit
Reports

Overview

overview

Static

static

f019495a1d...7.docx

windows7-x64

f019495a1d...7.docx

windows10-2004-x64

1

Resubmissions

26-09-2022 05:13

220926-fwvq1aafhq 10

24-09-2022 08:13

220924-j4eljaagh2 10

Sharing

General

Target

f019495a1d4feecc07769dc1fbecccb871634cc707c43befe1ea7aa2c629e337.zip
Size

155KB
Sample

220926-fwvq1aafhq
MD5

45dfdde3df07b6ccc23b7ae6e3dc1212
SHA1

36ff7eb9b5e0c112197de5cbb13761927e201053
SHA256

f019495a1d4feecc07769dc1fbecccb871634cc707c43befe1ea7aa2c629e337
SHA512

56c8df9b86b6e11ede97fe7c98464eefc8b42db9eece267669777787c23217a51dec80d571092980149b5ed59b7e467307c55c5015fa2df2db4e5a54e1a7adcc
SSDEEP

3072:cH6NqHlnUjeb+oBlRvDNRmc95BR/YCkXr03++0ae:w6NqNmW+2RvDvJF/YCY2Pe

Score

10^/10

Static task

static1

Behavioral task

behavioral1

Sample

f019495a1d4feecc07769dc1fbecccb871634cc707c43befe1ea7aa2c629e337.docx

Resource

win7-20220812-en

windows7-x64

13 signatures

600 seconds

Behavioral task

behavioral2

Sample

f019495a1d4feecc07769dc1fbecccb871634cc707c43befe1ea7aa2c629e337.docx

Resource

win10v2004-20220812-en

windows10-2004-x64

5 signatures

600 seconds

Malware Config

Targets

- Target
  
  f019495a1d4feecc07769dc1fbecccb871634cc707c43befe1ea7aa2c629e337.zip
- Size
  
  155KB
- MD5
  
  45dfdde3df07b6ccc23b7ae6e3dc1212
- SHA1
  
  36ff7eb9b5e0c112197de5cbb13761927e201053
- SHA256
  
  f019495a1d4feecc07769dc1fbecccb871634cc707c43befe1ea7aa2c629e337
- SHA512
  
  56c8df9b86b6e11ede97fe7c98464eefc8b42db9eece267669777787c23217a51dec80d571092980149b5ed59b7e467307c55c5015fa2df2db4e5a54e1a7adcc
- SSDEEP
  
  3072:cH6NqHlnUjeb+oBlRvDNRmc95BR/YCkXr03++0ae:w6NqNmW+2RvDvJF/YCY2Pe
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Abuses OpenXML format to download file from external location
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy