General

  • Target

    697e5c66b37dca99fc17ba919792e7429efbff1df26cea3c26866eff269b0055.doc

  • Size

    38KB

  • Sample

    240409-byc7hsdg4v

  • MD5

    3d98b4c649408c7021b1e01dc72f2ae4

  • SHA1

    1c54a47e38e884458f2f341357afbafe8aedaaa4

  • SHA256

    697e5c66b37dca99fc17ba919792e7429efbff1df26cea3c26866eff269b0055

  • SHA512

    7a6cd849b620dd5886a914dda82d80176c670a8f2c6496d2bfa99c04585c81791ebf32436e6f18965dde4c03a05f906a09b9ae445b87ba29f99ed266efb05ce5

  • SSDEEP

    768:P4/fsF85PLRSHdhUDHuoKE3Jv13+S06b+NivOBdNCDOP4:PefsF86/UDOoLZv13+Xg+fdIj

Score
10/10

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
