General
-
Target
InvoiceTemplate.docx
-
Size
22KB
-
Sample
221125-paqdtsfe36
-
MD5
0168356fc946b274d1af458129a6430d
-
SHA1
039bb381689e171e7763404f61e659875e68f374
-
SHA256
4db472065546e2e7cf4b550b62bf15704a12b30286c07ad8de0901aeb885674e
-
SHA512
cf48b0734c89480f2839ceca552ca4d918ce067bc4298d02cb9542102bf04bc82103676cd19aa8fcc99b04e9710db505e0ce403f18484625a978336d567b8d04
-
SSDEEP
384:t2OAtyoDHhoY7o3fQbZgpGo2Npq6vfNxt/ZtNNY76cLXCaMoF69BUbvo:UbXQfIgpeNpq6dxllNMLX1FsBUbQ
Behavioral task
behavioral1
Sample
InvoiceTemplate.dotm
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
InvoiceTemplate.dotm
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
InvoiceTemplate.docx
-
Size
22KB
-
MD5
0168356fc946b274d1af458129a6430d
-
SHA1
039bb381689e171e7763404f61e659875e68f374
-
SHA256
4db472065546e2e7cf4b550b62bf15704a12b30286c07ad8de0901aeb885674e
-
SHA512
cf48b0734c89480f2839ceca552ca4d918ce067bc4298d02cb9542102bf04bc82103676cd19aa8fcc99b04e9710db505e0ce403f18484625a978336d567b8d04
-
SSDEEP
384:t2OAtyoDHhoY7o3fQbZgpGo2Npq6vfNxt/ZtNNY76cLXCaMoF69BUbvo:UbXQfIgpeNpq6dxllNMLX1FsBUbQ
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-