2af39f18d2425772d604b14a66fa078ba7b2e7c1b252d9b9d6700f50023f72d2 | Triage

Submit
Reports

Overview

overview

Static

static

e9251e1f_b...is.doc

windows7_x64

7

e9251e1f_b...is.doc

windows10_x64

1

Sharing

General

Target

e9251e1f_by_Libranalysis
Size

10KB
Sample

210430-lpq32rnn4j
MD5

e9251e1f304381e9bfcd08dbfd576ce5
SHA1

dcee651dbfb6f9154a3b4170a65d88c9905fa031
SHA256

2af39f18d2425772d604b14a66fa078ba7b2e7c1b252d9b9d6700f50023f72d2
SHA512

a0bbe31458b3043258a0383045ca00bdc34ff217c01ffdc2159d80b5755f72d5967e7d79f386d89bc766f222194dc52cef8021b42aad9b8443ff50296cad5a0f

Score

10^/10

websettings

Static task

static1

Behavioral task

behavioral1

Sample

e9251e1f_by_Libranalysis.doc

Resource

win7v20210408

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

e9251e1f_by_Libranalysis.doc

Resource

win10v20210410

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Rule

Microsoft Office WebSettings Relationship

C2

https://lidamtour.com/masivo/ala/cronsrt/corn.dot

Targets

- Target
  
  e9251e1f_by_Libranalysis
- Size
  
  10KB
- MD5
  
  e9251e1f304381e9bfcd08dbfd576ce5
- SHA1
  
  dcee651dbfb6f9154a3b4170a65d88c9905fa031
- SHA256
  
  2af39f18d2425772d604b14a66fa078ba7b2e7c1b252d9b9d6700f50023f72d2
- SHA512
  
  a0bbe31458b3043258a0383045ca00bdc34ff217c01ffdc2159d80b5755f72d5967e7d79f386d89bc766f222194dc52cef8021b42aad9b8443ff50296cad5a0f
Score

7^/10
- Abuses OpenXML format to download file from external location
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy