Extracted

• • Target

    4442ee3018575b65e1fb7c9c5c72ce70.rtf

  • Size

    93KB

  • MD5

    4442ee3018575b65e1fb7c9c5c72ce70

  • SHA1

    9f22d29f24283813384e432186f5b096df92b3f6

  • SHA256

    a6dc37385e639c54aff6476fa41a9ddce064129008ad409bff5a4e2245f76cde

  • SHA512

    afafc67a9a56e9f5ce56130e52a99d32adbef2210a495a75bb342602b7306536b465a201e8f1d84a76cc01ae9ef53eaccb711697d16ac94dbf92b938442abde8

  • SSDEEP

    768:lD9hFTt/0MEUQXT0AxwE2ZFpLSMVPqMiV0:lD9Xx/0MZQXT0AxwE2npLTiMk0

  Score

  10^/10

  discoveryexecution

  • Blocklisted process makes network request

  • Command and Scripting Interpreter: PowerShell

    Run Powershell and hide display window.

    execution

  • Drops file in System32 directory

  behavioral1behavioral2