General

  • Target

    doc_E792_May_30.zip

  • Size

    1KB

  • Sample

    230530-rey8msaa28

  • MD5

    c0a358a04d2239c6ab9c38e9f17f639d

  • SHA1

    001581a3431be6d03c7158bd02b7e703ce9dae0d

  • SHA256

    3ba9ecea7bb15bae534260aa9ea7d2dd10505d6f62410146006b44badb597d5d

  • SHA512

    645d6c180e2f0a452e96f91f5fe7acffccae2df8694a2216826a3c248f9df1b138d46fcb8a65ef1247a58d086252a3307e5d2e202bff4707a41b4063cb704a38

Score
10/10

Targets

    • Target

      doc_E803_May_30.js

    • Size

      4KB

    • MD5

      372c0146158fc7622d2f4ecb05708f5d

    • SHA1

      ee1646a8d3b6f9d736ba17fb3922fc0555cb57c2

    • SHA256

      ee545a60312a4b70a147e7fd41eac62f0f830c6b92a80524c1dbf07cfe4d8117

    • SHA512

      cac760f349ad59eadc27085414e805b38f96c6eb2223b7f8b3238939f819512d54949a9725f1304cad8fc543b1e3207e478e29409aa2f120ea02ac5c4de42e83

    • SSDEEP

      96:ePb4dbVRZCVZZCPJ07AzAkqnzCnFwlH4NM:i4dbVRYzYPO7AzgCM

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
