General

  • Target

    doc_E103.zip

  • Size

    1KB

  • Sample

    230530-qfqr8aaa5t

  • MD5

    475c987f31be4d0521bb85dc6de09556

  • SHA1

    cd34d2ead28e04c860dd1749c1e424ae073ea3b3

  • SHA256

    e5a69ce176d32941ea2254b389b8e9527ad35db8034f201fa5c4b183ac84654e

  • SHA512

    2b27e7619af7e6f659cff2dc14ce403897c0931141eb5259c43e8baa46043cc80d8f43c969fbae6cff8ba2057c2761c08e961fdbea20c84574f7946f1ff7caf6

Score
10/10

Targets

    • Target

      doc_E182_May_30.js

    • Size

      4KB

    • MD5

      2be16a975932a9c3c937ccf2df5e82d1

    • SHA1

      8f4ec9376a84392fe45299318d94359e2d1a62a5

    • SHA256

      d54c862dcd08a83e5452270e3343562647ec50fc5d9d1391a15b9a8429fa95a7

    • SHA512

      d6b2fc8cb3fbfd0974aa63f705618b5381687392fa451f45b2cf7c2e540e1b2701a89e68ca3ff363ff05c92199af7e8158fd3e02e32ec8fc479993c0340f3326

    • SSDEEP

      96:5Lx7S7ztfLbICVU3Ca/UgrIr6rU3rxxrJnXCVMuFwNjHi5ts:AfLbjuya/UgrIr6r2r/rhT7t

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
