General

  • Target

    doc_ABCD_May31.zip

  • Size

    1KB

  • Sample

    230531-s4dhxagc4z

  • MD5

    2e8efc45b3b4fa486e47905faf411e6b

  • SHA1

    5dff4a792f82288447c0aad7871d468ba32a77d0

  • SHA256

    3adfec6c1c674f1f688cf751a1015179e8a30bd1a7883c32c965f232a51eabc4

  • SHA512

    0d45dae3029b4994b9ace13cb0f34c017af73dcc3e433b373abebd37f4a3c46830edce02b0b7da3273fe49fac59eaea406c8035a19ce4293e98bc16b25dd7f51

Score
10/10

Targets

    • Target

      doc_F825_May_31.js

    • Size

      4KB

    • MD5

      d650c3e659a8e025e53068c21063a405

    • SHA1

      b4d356483db32fbadb16ad253e1dd18e40d63911

    • SHA256

      710a8ed987f7de59a72fe3d3627661a72ff018331a8152e48449dbd3231eddd9

    • SHA512

      fa3a54828fee78220b4076608fa2aff80967e4e4ce3e9cc11d9cac76cd72044a36db357c88a11017d6bcb17f3829c3f79c2ca9c0cb58b012a8a883fb0fda73bb

    • SSDEEP

      96:00cIEPFn/UC9Slzgv1i2KUPtcbdFmf02Z3Y3tC:PSqzgN9eqMtC

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
