78ae284dc89a379d49cc75a275595f5cfa3c65faeeceb6b4109b8cd7348ae548 | Triage

Submit
Reports

Overview

overview

Static

static

official p..._9.doc

windows7_x64

official p..._9.doc

windows10_x64

Sharing

General

Target

official paper 07.31.2020_9.doc
Size

113KB
Sample

200731-rfr87gkc7n
MD5

cf663c1b43e3c83e48329b85196bfbf3
SHA1

dfa4c03ba0c8b4bfcd6abc4538226b72529104c4
SHA256

78ae284dc89a379d49cc75a275595f5cfa3c65faeeceb6b4109b8cd7348ae548
SHA512

f9fab227f6acd1507781b4e8ce610c0a5dcb1ce1e79333369e965b88394f9611fe122f9558376dc63274db2146b01ba3e2c417439c4c3047de0b9687b9c51084

Score

10^/10

discovery

Static task

static1

Behavioral task

behavioral1

Sample

official paper 07.31.2020_9.doc

Resource

win7

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

official paper 07.31.2020_9.doc

Resource

win10

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  official paper 07.31.2020_9.doc
- Size
  
  113KB
- MD5
  
  cf663c1b43e3c83e48329b85196bfbf3
- SHA1
  
  dfa4c03ba0c8b4bfcd6abc4538226b72529104c4
- SHA256
  
  78ae284dc89a379d49cc75a275595f5cfa3c65faeeceb6b4109b8cd7348ae548
- SHA512
  
  f9fab227f6acd1507781b4e8ce610c0a5dcb1ce1e79333369e965b88394f9611fe122f9558376dc63274db2146b01ba3e2c417439c4c3047de0b9687b9c51084
Score

10^/10

discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy