Overview

overview

8

Static

static

855_28042020.doc

windows7_x64

8

855_28042020.doc

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    855_28042020.doc

  • Size

    228KB

  • Sample

    210223-rkwnfqwfe2

  • MD5

    eda54697e6ab436600b8b74102833d7e

  • SHA1

    fe3b1e8337728c74600eab9cb5c9f073e7c04ced

  • SHA256

    73bccef5c926cefd41f82a329a8ba732bf59195f19c67498ccf162caa6410de1

  • SHA512

    a16951fc4600a2e3d468c1b82d05c657ffca41745c2fd91ac2a1449b4f87efe6eda1deb0e3b1c8fe573f0a44760f90a98628a431b81fbcae25bc33e1b55b87b0

Score
8/10

Malware Config

Targets

    • Target

      855_28042020.doc

    • Size

      228KB

    • MD5

      eda54697e6ab436600b8b74102833d7e

    • SHA1

      fe3b1e8337728c74600eab9cb5c9f073e7c04ced

    • SHA256

      73bccef5c926cefd41f82a329a8ba732bf59195f19c67498ccf162caa6410de1

    • SHA512

      a16951fc4600a2e3d468c1b82d05c657ffca41745c2fd91ac2a1449b4f87efe6eda1deb0e3b1c8fe573f0a44760f90a98628a431b81fbcae25bc33e1b55b87b0

    Score
    8/10

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Exploitation for Client Execution

1
T1203

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks