89d4d85592bf0b5e8b55c2d62c9050bfa8c3017f9f497134dbacbb2a0f13a09e | Triage

Submit
Reports

Overview

overview

Static

static

1

mof-npd-ci...3.docx

windows7-x64

1

mof-npd-ci...3.docx

windows10-2004-x64

Sharing

General

Target

mof-npd-circ20240103.docx
Size

1.6MB
Sample

240112-spxcgaadgl
MD5

8202209354ece5c53648c52bdbd064f0
SHA1

683210af38ef15f1bacb67ddc42f085bee05cf35
SHA256

89d4d85592bf0b5e8b55c2d62c9050bfa8c3017f9f497134dbacbb2a0f13a09e
SHA512

df8d1aaf4798541f25797c2928db9c90f03f534f5a326d05e160ae4f293fd0abd68b5e4ac9468da7a6af82a5b6eb2a79395367b2cdb514b57c76e5bb958cb47a
SSDEEP

49152:JJb+67s4Y+WJ9UhMQzTDdwPaQx3fNdK1HAgCclqDhDAy:/f2mhMQ3DEaG3eHAgCclgEy

Score

10^/10

Static task

static1

Behavioral task

behavioral1

Sample

mof-npd-circ20240103.docx

Resource

win7-20231215-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

mof-npd-circ20240103.docx

Resource

win10v2004-20231222-en

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  mof-npd-circ20240103.docx
- Size
  
  1.6MB
- MD5
  
  8202209354ece5c53648c52bdbd064f0
- SHA1
  
  683210af38ef15f1bacb67ddc42f085bee05cf35
- SHA256
  
  89d4d85592bf0b5e8b55c2d62c9050bfa8c3017f9f497134dbacbb2a0f13a09e
- SHA512
  
  df8d1aaf4798541f25797c2928db9c90f03f534f5a326d05e160ae4f293fd0abd68b5e4ac9468da7a6af82a5b6eb2a79395367b2cdb514b57c76e5bb958cb47a
- SSDEEP
  
  49152:JJb+67s4Y+WJ9UhMQzTDdwPaQx3fNdK1HAgCclqDhDAy:/f2mhMQ3DEaG3eHAgCclgEy
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy