Overview

overview

10

Static

static

8702469e99...41.rtf

windows7-x64

1

8702469e99...41.rtf

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8702469e99e76ebfb73f28848cc10ca8fd9c8dabeedb9559a9bb4239dfba0941

  • Size

    447KB

  • Sample

    221123-szgd1acf28

  • MD5

    9eb2158d227eff7fc4a332bb82f0cd90

  • SHA1

    b00650953c80493ff396ce0b20c59929b898e941

  • SHA256

    8702469e99e76ebfb73f28848cc10ca8fd9c8dabeedb9559a9bb4239dfba0941

  • SHA512

    7fe51c8c873f448ff00197e1e2208be733fae246095438aa0e953c7cc8dac82e59d9f6ea6faaad36c3f6752a9b08f0aeac51931e04732e31d4353685a3829b04

  • SSDEEP

    6144:qaEwDKFznFIzXFUc4crsdYIaAeM3pQw7RUejwJHYmbEbkO98uaFDFLSVh/rnH:vtScbEbkLDxSVVrH

Score
10/10

Malware Config

Targets

    • Target

      8702469e99e76ebfb73f28848cc10ca8fd9c8dabeedb9559a9bb4239dfba0941

    • Size

      447KB

    • MD5

      9eb2158d227eff7fc4a332bb82f0cd90

    • SHA1

      b00650953c80493ff396ce0b20c59929b898e941

    • SHA256

      8702469e99e76ebfb73f28848cc10ca8fd9c8dabeedb9559a9bb4239dfba0941

    • SHA512

      7fe51c8c873f448ff00197e1e2208be733fae246095438aa0e953c7cc8dac82e59d9f6ea6faaad36c3f6752a9b08f0aeac51931e04732e31d4353685a3829b04

    • SSDEEP

      6144:qaEwDKFznFIzXFUc4crsdYIaAeM3pQw7RUejwJHYmbEbkO98uaFDFLSVh/rnH:vtScbEbkLDxSVVrH

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks