General

  • Target

    email.zip

  • Size

    656KB

  • Sample

    200530-54vx4baeae

  • MD5

    f5ff4bd765f59fc7a5f9e30a4bd02fdd

  • SHA1

    2022a4cffeb6ba5372ce63a24427717b7b8d69fc

  • SHA256

    7c5e3fb421331b44461fb1a324c85feca52dbe117639c39fed6d5097f151d300

  • SHA512

    3aa554fcee8b55bd781c110c901069cba520cdfed5ccefd3b934242b7a6ae3ce6c8c40a7a2dd4ef66b424de4a67300a5ea0448bf56b930391ec6c2d1f52a7235

Score
10/10

Malware Config

Targets

    • Target

      require.05.20.doc

    • Size

      72KB

    • MD5

      9f04925d84fc7155683294c713aeeb58

    • SHA1

      95f774a93375a049246ffce99e4c0da5e5ad18a5

    • SHA256

      427a5c15ca89981ea6386e8a262474f80a47f07af10663478b9c7728fc054d54

    • SHA512

      272a5de403ed83f83b0c17f13a2b0919fc8ee5c8b598edda149c6ba4bfdda14a03383dd514e4fe84f7b2c8baaeaf91075407b8c81391a4920d01636431289a0a

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry

    T1012 (2)

  • System Information Discovery

    T1082 (2)
