Overview

overview

10

Static

static

bergo.docu...2.docm

windows7-x64

4

bergo.docu...2.docm

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bergo.document.08.11.2022.doc

  • Size

    2.2MB

  • Sample

    220811-s77adsbdd2

  • MD5

    228c063e5ce747dd51ffbbdf31dcc1f9

  • SHA1

    e13b37423003ebf1aacc898435607dc471ae0bd6

  • SHA256

    025d824f7fd062715efe4914065eb6026a0f1720256f03e18c652978ec9d6844

  • SHA512

    0f6c3c0f467c1d6f6b8915fd93a9034ea87bddc4b95225c444cd48f2f735f2e09b379febf2951b7ce76ceee9f61191f61bcf6c299d28f974825e6e425ee2159a

Score
10/10

Malware Config

Targets

    • Target

      bergo.document.08.11.2022.doc

    • Size

      2.2MB

    • MD5

      228c063e5ce747dd51ffbbdf31dcc1f9

    • SHA1

      e13b37423003ebf1aacc898435607dc471ae0bd6

    • SHA256

      025d824f7fd062715efe4914065eb6026a0f1720256f03e18c652978ec9d6844

    • SHA512

      0f6c3c0f467c1d6f6b8915fd93a9034ea87bddc4b95225c444cd48f2f735f2e09b379febf2951b7ce76ceee9f61191f61bcf6c299d28f974825e6e425ee2159a

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks