Analysis Report COVID-19 Advice from the Australian Government.docx

Overview

General Information

Sample Name: COVID-19 Advice from the Australian Government.docx
MD5: dc0ac6506cb941bc55222b68a8e78b73
SHA1: b86dcf81990372bd6a99fde829e96d7543b881a5
SHA256: 3760e4dc9ee824d61933a7c11196a03f931b901d6d11fd05ebaf512dcfbe87b7

Detection

Score: 1
Range: 0 - 100
Whitelisted: false
Confidence: 60%

Signatures

Form action URLs do not match main URL
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware

Classification

Startup

  • System is w10x64
  • WINWORD.EXE (PID: 4344 cmdline: 'C:\Program Files (x86)\Microsoft Office\Root\Office16\WINWORD.EXE' /Automation -Embedding MD5: EFDE23ECDF60D334C31AF2A041439360)
  • iexplore.exe (PID: 4800 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)
    • iexplore.exe (PID: 604 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4800 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview
