Overview

overview

8

Static

static

1

df150a5f4e...5b.rtf

windows7-x64

8

df150a5f4e...5b.rtf

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    df150a5f4e55998c6688495acf39c9eefbfef604406d8347f1ca1c21a0ea115b.doc

  • Size

    279KB

  • Sample

    240522-cygqdahf3v

  • MD5

    e57e6083429cae24a0f7aef576a0facc

  • SHA1

    ca682ad3207f76af62964f95c5d99f8370659318

  • SHA256

    df150a5f4e55998c6688495acf39c9eefbfef604406d8347f1ca1c21a0ea115b

  • SHA512

    94d8506e49ab90665ef566525b64ff6ad71d17968bd8827cedb1bf7e2a0b099aaf7544d90cd240a7c8311ad9071bdd6ecc4b28b4c4be66c2df52f594269b6004

  • SSDEEP

    6144:LwAYwAYwAYwAYwAYwAYwAYwAYwAYwAM0kYL:6

Score
8/10

Malware Config

Targets

    • Target

      df150a5f4e55998c6688495acf39c9eefbfef604406d8347f1ca1c21a0ea115b.doc

    • Size

      279KB

    • MD5

      e57e6083429cae24a0f7aef576a0facc

    • SHA1

      ca682ad3207f76af62964f95c5d99f8370659318

    • SHA256

      df150a5f4e55998c6688495acf39c9eefbfef604406d8347f1ca1c21a0ea115b

    • SHA512

      94d8506e49ab90665ef566525b64ff6ad71d17968bd8827cedb1bf7e2a0b099aaf7544d90cd240a7c8311ad9071bdd6ecc4b28b4c4be66c2df52f594269b6004

    • SSDEEP

      6144:LwAYwAYwAYwAYwAYwAYwAYwAYwAYwAM0kYL:6

    Score
    8/10

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Exploitation for Client Execution

1
T1203

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks