Overview

overview

10

Static

static

10

$96,927.38...y.docx

windows7_x64

7

$96,927.38...y.docx

windows10_x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    $96,927.38 MT013 Copy.docx

  • Size

    10KB

  • Sample

    210603-4ng2pwlsrj

  • MD5

    6fa8c80b8b0557043302123a366dc34f

  • SHA1

    a5cfaaedfb750e55023919b9481d6242011276b2

  • SHA256

    e9cf636fbebd1d9104cf8f508c718c81ca1349ba092f4aeb05d3c668fabe3f96

  • SHA512

    779455fad9646f85dab24c2052be54dc30dd24a132ff8b191bbdf1edde37137ed2182d85c8216b438c4750012a19968b7fd6b89f331633f752e02aa34c504735

Score
10/10
websettings

Malware Config

Extracted

Rule
Microsoft Office WebSettings Relationship
C2

http://bit.do/fQYhD

Targets

    • Target

      $96,927.38 MT013 Copy.docx

    • Size

      10KB

    • MD5

      6fa8c80b8b0557043302123a366dc34f

    • SHA1

      a5cfaaedfb750e55023919b9481d6242011276b2

    • SHA256

      e9cf636fbebd1d9104cf8f508c718c81ca1349ba092f4aeb05d3c668fabe3f96

    • SHA512

      779455fad9646f85dab24c2052be54dc30dd24a132ff8b191bbdf1edde37137ed2182d85c8216b438c4750012a19968b7fd6b89f331633f752e02aa34c504735

    Score
    7/10

    • Abuses OpenXML format to download file from external location

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks