General
-
Target
PO20220926.doc
-
Size
864KB
-
Sample
220926-j7vf6abbgk
-
MD5
6c9ba54d9e3a68b9e2611955021bc939
-
SHA1
1458c60150cd7b36ac7e0a50089b61fb1da0e52c
-
SHA256
c702c2d41d8238744062a0474286881cc3ee8154b2c5f2619d6cae5a32eeba9a
-
SHA512
98f9a025619ebae0315a7513b02a8fa74f25abfb0e8327d3270a1f1bb2c6ebbcef6a2844472b0ca8daa86248e37b4fe21c7fed34889efa5ca569958fd7d1621c
-
SSDEEP
1536:wpGEch6dtRGWbCtpl5kmrJ//RFxXxBpzB9TBtiBqK8Qf6YXkY0kY0kY92i3e+6fa:8yo
Static task
static1
Behavioral task
behavioral1
Sample
PO20220926.rtf
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
PO20220926.rtf
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
PO20220926.doc
-
Size
864KB
-
MD5
6c9ba54d9e3a68b9e2611955021bc939
-
SHA1
1458c60150cd7b36ac7e0a50089b61fb1da0e52c
-
SHA256
c702c2d41d8238744062a0474286881cc3ee8154b2c5f2619d6cae5a32eeba9a
-
SHA512
98f9a025619ebae0315a7513b02a8fa74f25abfb0e8327d3270a1f1bb2c6ebbcef6a2844472b0ca8daa86248e37b4fe21c7fed34889efa5ca569958fd7d1621c
-
SSDEEP
1536:wpGEch6dtRGWbCtpl5kmrJ//RFxXxBpzB9TBtiBqK8Qf6YXkY0kY0kY92i3e+6fa:8yo
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-