General

  • Target

    2.dotm

  • Size

    16KB

  • Sample

    221014-yrwfvaecc5

  • MD5

    36b85687634e5b6e4e22ca582d0cc99d

  • SHA1

    1b51b1206f2c4b1030a7fca525454fb4d5bc803e

  • SHA256

    9b7de51558eeffaf3077641a0184391a34c76c2f752109fcab5c97836a8728f1

  • SHA512

    3e36b3f938dd11fc45a2c2b744eec0553fe2e384ee5c12ef9a3e6d352e587a5c2f030e7e5152c448d38f61bff2397d106460acea1f4ca421e525f2c8da72cd6b

  • SSDEEP

    384:tUtfXaR46GVksrVVINxt/ZtNN/Yep+30OnJySm:4fq4PVksJgxllN/T+3BJm

Score
10/10

Targets

    • Target

      2.dotm

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Drops file in System32 directory
