Overview

overview

8

Static

static

D0818CB4A7...F7.rtf

windows7-x64

8

D0818CB4A7...F7.rtf

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    D0818CB4A7A309836B20152271E52C615EB4593C115A160E7AC457E615579DF7

  • Size

    25KB

  • Sample

    221123-r2qj1sab79

  • MD5

    7577d920ae57cb318bad9c7925daf198

  • SHA1

    be213fc92ca2be8c6e35c79b4a3b33e861137b15

  • SHA256

    d0818cb4a7a309836b20152271e52c615eb4593c115a160e7ac457e615579df7

  • SHA512

    0a0246fb5eb3acb361aff255e1cb6e09f06805be76929ad923dabf60e708eb77747b62f0dc2135444742ce40131ef1fcf21a70315a027bd6516a2f2f35d88134

  • SSDEEP

    384:EQY2vi1V0+QAi6IsuqPa4rKg1LyHkRO7ZXQIRZryorGr6U0sO4AulygEHDKa:i11Qp6IslP52gEERQAr6UgLulynjH

Score
8/10

Malware Config

Targets

    • Target

      D0818CB4A7A309836B20152271E52C615EB4593C115A160E7AC457E615579DF7

    • Size

      25KB

    • MD5

      7577d920ae57cb318bad9c7925daf198

    • SHA1

      be213fc92ca2be8c6e35c79b4a3b33e861137b15

    • SHA256

      d0818cb4a7a309836b20152271e52c615eb4593c115a160e7ac457e615579df7

    • SHA512

      0a0246fb5eb3acb361aff255e1cb6e09f06805be76929ad923dabf60e708eb77747b62f0dc2135444742ce40131ef1fcf21a70315a027bd6516a2f2f35d88134

    • SSDEEP

      384:EQY2vi1V0+QAi6IsuqPa4rKg1LyHkRO7ZXQIRZryorGr6U0sO4AulygEHDKa:i11Qp6IslP52gEERQAr6UgLulynjH

    Score
    8/10

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Exploitation for Client Execution

1
T1203

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks