Overview

overview

10

Static

static

1

Hybrid Warefare.docx

windows7-x64

7

Hybrid Warefare.docx

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Hybrid Warefare.docx

  • Size

    1.3MB

  • Sample

    240308-yggvpsef73

  • MD5

    d8df558c411548de703b56eac8e05143

  • SHA1

    b0c489a139435bbdf7b565fa70733b7fda1c660e

  • SHA256

    acbfbf6fd00fa347a52657e5ca0f5cc6cbcf197a04e2d3fd5dc9235926b319d7

  • SHA512

    caff566ce0a18567b6a39a84d98dc54ec67fe7c1122c245b454ac54667a0144615de9b29370c5e68b2f89dcb2f8b0fa1cae960d14813a88d78e7e4524f8e6faa

  • SSDEEP

    24576:0EkS4d0mA42vni/50WwiA6lMxjcs2IqRI+pFtZUFPFSvPX+:XhI0A+ih+H6lcj/27I+jtGjwO

Score
10/10

Malware Config

Targets

    • Target

      Hybrid Warefare.docx

    • Size

      1.3MB

    • MD5

      d8df558c411548de703b56eac8e05143

    • SHA1

      b0c489a139435bbdf7b565fa70733b7fda1c660e

    • SHA256

      acbfbf6fd00fa347a52657e5ca0f5cc6cbcf197a04e2d3fd5dc9235926b319d7

    • SHA512

      caff566ce0a18567b6a39a84d98dc54ec67fe7c1122c245b454ac54667a0144615de9b29370c5e68b2f89dcb2f8b0fa1cae960d14813a88d78e7e4524f8e6faa

    • SSDEEP

      24576:0EkS4d0mA42vni/50WwiA6lMxjcs2IqRI+pFtZUFPFSvPX+:XhI0A+ih+H6lcj/27I+jtGjwO

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Abuses OpenXML format to download file from external location

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks