General
-
Target
697e5c66b37dca99fc17ba919792e7429efbff1df26cea3c26866eff269b0055.doc
-
Size
38KB
-
Sample
240409-byc7hsdg4v
-
MD5
3d98b4c649408c7021b1e01dc72f2ae4
-
SHA1
1c54a47e38e884458f2f341357afbafe8aedaaa4
-
SHA256
697e5c66b37dca99fc17ba919792e7429efbff1df26cea3c26866eff269b0055
-
SHA512
7a6cd849b620dd5886a914dda82d80176c670a8f2c6496d2bfa99c04585c81791ebf32436e6f18965dde4c03a05f906a09b9ae445b87ba29f99ed266efb05ce5
-
SSDEEP
768:P4/fsF85PLRSHdhUDHuoKE3Jv13+S06b+NivOBdNCDOP4:PefsF86/UDOoLZv13+Xg+fdIj
Behavioral task
behavioral1
Sample
697e5c66b37dca99fc17ba919792e7429efbff1df26cea3c26866eff269b0055.dotm
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
697e5c66b37dca99fc17ba919792e7429efbff1df26cea3c26866eff269b0055.dotm
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
697e5c66b37dca99fc17ba919792e7429efbff1df26cea3c26866eff269b0055.doc
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Process spawned suspicious child process
This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
-