Overview

overview

8

Static

static

C913990AF3...40.rtf

windows7-x64

8

C913990AF3...40.rtf

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    C913990AF3B4C953A37E91C3797A17392E1604D5D34F13B8CD03641EB243F740

  • Size

    26KB

  • Sample

    221123-r1smzsda3x

  • MD5

    b0407fbb818bd9c67348f4a9e52e878d

  • SHA1

    dbaafd96ec1bfc9c682655ad82f91cf743a723f9

  • SHA256

    c913990af3b4c953a37e91c3797a17392e1604d5d34f13b8cd03641eb243f740

  • SHA512

    9ba5e5d107c0116c18b7404f4f6992b5f354fb860db7c1fb3a72b2edb050eb0778a2da6f0244c6efd7cd6b1fb1c315df095789bc1e3439a0bd90ecf0e1baa473

  • SSDEEP

    768:nFx0XaIsnPRIa4fwJMeLvgKBCcR4lsu00dFd:nf0Xvx3EMeLvgK5Asu0cD

Score
8/10
discovery

Malware Config

Targets

    • Target

      C913990AF3B4C953A37E91C3797A17392E1604D5D34F13B8CD03641EB243F740

    • Size

      26KB

    • MD5

      b0407fbb818bd9c67348f4a9e52e878d

    • SHA1

      dbaafd96ec1bfc9c682655ad82f91cf743a723f9

    • SHA256

      c913990af3b4c953a37e91c3797a17392e1604d5d34f13b8cd03641eb243f740

    • SHA512

      9ba5e5d107c0116c18b7404f4f6992b5f354fb860db7c1fb3a72b2edb050eb0778a2da6f0244c6efd7cd6b1fb1c315df095789bc1e3439a0bd90ecf0e1baa473

    • SSDEEP

      768:nFx0XaIsnPRIa4fwJMeLvgKBCcR4lsu00dFd:nf0Xvx3EMeLvgK5Asu0cD

    Score
    8/10
    discovery

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Exploitation for Client Execution

1
T1203

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks