208e96b92135480cddf4e5295f0f55c0269599fa7ebcd92ceac03ad36cf7cfbb | Triage

Submit
Reports

Overview

overview

Static

static

8

BARCLAYS b...e.docm

windows7-x64

BARCLAYS b...e.docm

windows10-2004-x64

Sharing

General

Target

BARCLAYS bank swift message.docm
Size

19KB
Sample

221031-kx8fpsaea2
MD5

afa68e0b039986cb7d5c669eb0361ee7
SHA1

adae97ce6b4bcbf85589a1cf3d709f00fd46f2ee
SHA256

208e96b92135480cddf4e5295f0f55c0269599fa7ebcd92ceac03ad36cf7cfbb
SHA512

8c5f80b4cfcbd7061e341c3f9dcfac8efa648ece5b299fde8390804f61ecf696de98954184b6fb444355350c75101871cbec68dbf9df2e71f3f19bc0c0b23411
SSDEEP

384:VOnFGK9JH04s/wyPLYGMyMrCHYvXW3ivLsZrx8tAClypRuh:oAKzsYuKy9YvXW3izsZrx7kye

Score

10^/10

macro

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

BARCLAYS bank swift message.docm

Resource

win7-20220901-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

BARCLAYS bank swift message.docm

Resource

win10v2004-20220901-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  BARCLAYS bank swift message.docm
- Size
  
  19KB
- MD5
  
  afa68e0b039986cb7d5c669eb0361ee7
- SHA1
  
  adae97ce6b4bcbf85589a1cf3d709f00fd46f2ee
- SHA256
  
  208e96b92135480cddf4e5295f0f55c0269599fa7ebcd92ceac03ad36cf7cfbb
- SHA512
  
  8c5f80b4cfcbd7061e341c3f9dcfac8efa648ece5b299fde8390804f61ecf696de98954184b6fb444355350c75101871cbec68dbf9df2e71f3f19bc0c0b23411
- SSDEEP
  
  384:VOnFGK9JH04s/wyPLYGMyMrCHYvXW3ivLsZrx8tAClypRuh:oAKzsYuKy9YvXW3izsZrx7kye
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy