4f479dc5b981aadc01b1f245d8694b1ad043247f04148bbb78a86c8ed530b777 | Triage

Submit
Reports

Overview

overview

Static

static

ballfin,fi...2.docm

windows7-x64

4

ballfin,fi...2.docm

windows10-2004-x64

Sharing

General

Target

ballfin,file,08.11.22.doc
Size

2.2MB
Sample

220811-t1yv4sbgh9
MD5

75d17f46accbe980e1deb28dd7513085
SHA1

6ae88b35e85f6fbb55584893f696f859dccfedc2
SHA256

4f479dc5b981aadc01b1f245d8694b1ad043247f04148bbb78a86c8ed530b777
SHA512

e9959f74b0c4cb34c1167eb622fbdd8ae8bbeb808ca8d6680bc82f22c9d0566b6dac30b1376837fd54a4b21bac7af414bccc90e849ec32b2f78564d98bf5674f

Score

10^/10

Static task

static1

Behavioral task

behavioral1

Sample

ballfin,file,08.11.22.docm

Resource

win7-20220715-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

ballfin,file,08.11.22.docm

Resource

win10v2004-20220721-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  ballfin,file,08.11.22.doc
- Size
  
  2.2MB
- MD5
  
  75d17f46accbe980e1deb28dd7513085
- SHA1
  
  6ae88b35e85f6fbb55584893f696f859dccfedc2
- SHA256
  
  4f479dc5b981aadc01b1f245d8694b1ad043247f04148bbb78a86c8ed530b777
- SHA512
  
  e9959f74b0c4cb34c1167eb622fbdd8ae8bbeb808ca8d6680bc82f22c9d0566b6dac30b1376837fd54a4b21bac7af414bccc90e849ec32b2f78564d98bf5674f
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy