4ff4f1d31926b86bc3d8bcdb13a445ec7637edd9f4ae48c153262a713c1f72b0 | Triage

Submit
Reports

Overview

overview

Static

static

TT_COPY.MT...T.docx

windows7_x64

7

TT_COPY.MT...T.docx

windows10_x64

1

Sharing

General

Target

TT_COPY.MT103.SWIFT.docx
Size

10KB
Sample

210622-b739863a32
MD5

0af91d7b71322d26388ca7514ac04ec9
SHA1

1589484b4e088060c6d98be0f0722b1073ed5519
SHA256

4ff4f1d31926b86bc3d8bcdb13a445ec7637edd9f4ae48c153262a713c1f72b0
SHA512

f60f19dabde1702615224fa46f992aad77b5e8b3bb5c4a34c826a4bfc8b9f8ca4818820c3926a4094675487f2de842975b7211a649e07fca3ee56464839b79ba

Score

10^/10

websettings

Static task

static1

Behavioral task

behavioral1

Sample

TT_COPY.MT103.SWIFT.docx

Resource

win7v20210410

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

TT_COPY.MT103.SWIFT.docx

Resource

win10v20210408

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Rule

Microsoft Office WebSettings Relationship

C2

https://win32indexdummy_username@itsssl.com/JmQEk

Targets

- Target
  
  TT_COPY.MT103.SWIFT.docx
- Size
  
  10KB
- MD5
  
  0af91d7b71322d26388ca7514ac04ec9
- SHA1
  
  1589484b4e088060c6d98be0f0722b1073ed5519
- SHA256
  
  4ff4f1d31926b86bc3d8bcdb13a445ec7637edd9f4ae48c153262a713c1f72b0
- SHA512
  
  f60f19dabde1702615224fa46f992aad77b5e8b3bb5c4a34c826a4bfc8b9f8ca4818820c3926a4094675487f2de842975b7211a649e07fca3ee56464839b79ba
Score

7^/10
- Abuses OpenXML format to download file from external location
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy