General

  • Target

    legislate.zip

  • Size

    61KB

  • Sample

    200529-ntd943hpdn

  • MD5

    4353bacfd75c0f13ababe1e684cb9883

  • SHA1

    eb2c3e6c519aae87ef4ffe56371732c286f21a15

  • SHA256

    4059f4924e41456c070fab91d9d0dd87111215188c4c60732064f9e852b05da1

  • SHA512

    0c2a392a52ce02eadd2149e5072229873d4d2898da0b5ac8b4cf7b4f00f3e6d21b1da27e96c573e017b6ab48cd6ab6cf23ff2c6eecfe34ad436d55ec2839e278

Score
10/10

Malware Config

Targets

    • Target

      legislate_05.27.2020.doc

    • Size

      73KB

    • MD5

      44cc5fae2c2016f5d444fc53d42a49ca

    • SHA1

      b524d88fc10b401530f2608810ec0e4ce883cf76

    • SHA256

      d76bdd6ea01c66c323dcc781e1d4a4e7470337f72aeedfd5b184fee9c97ca953

    • SHA512

      81ba7f9e0135232d1e72ea6e05eeaa8edfd87e541420d188b6923221eb1e6dcb2ffe90bbecd11ed652afedcb12b7f607788ad8cca014445df1a809a277772abc

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry (T1012): 2

  • System Information Discovery (T1082): 2
