Overview

overview

10

Static

static

10

e981344835...1.docx

windows7-x64

7

e981344835...1.docx

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e9813448356b78aea75ac1618d3c91134090968baaa3f212274564f77930a7c1

  • Size

    11KB

  • Sample

    221130-wz9bkadd73

  • MD5

    8b49ff55ab3e87806f8c631625391653

  • SHA1

    4108f6ba2973ec8b0162793eff64f9a28734a22f

  • SHA256

    e9813448356b78aea75ac1618d3c91134090968baaa3f212274564f77930a7c1

  • SHA512

    a892fa1187d8696c8d9693b77133ddc0972dee09f8868d9cecf572ee55868046c422e57b911a8b95d3e79ccc5961226b6f1f9dfa94b29d5f6d416c0ba78454ea

  • SSDEEP

    192:CtNCWUyn0i13pNXqkOcPiYFLwzvdX6Ptpwjnw+umHBCNEEd7Vpy:aNxUyn0i13LROEiOLkX6Ujnw+38EqVpy

Score
10/10
websettings

Malware Config

Extracted

Rule
Microsoft Office WebSettings Relationship
C2

https://n9.cl/5426a

Targets

    • Target

      e9813448356b78aea75ac1618d3c91134090968baaa3f212274564f77930a7c1

    • Size

      11KB

    • MD5

      8b49ff55ab3e87806f8c631625391653

    • SHA1

      4108f6ba2973ec8b0162793eff64f9a28734a22f

    • SHA256

      e9813448356b78aea75ac1618d3c91134090968baaa3f212274564f77930a7c1

    • SHA512

      a892fa1187d8696c8d9693b77133ddc0972dee09f8868d9cecf572ee55868046c422e57b911a8b95d3e79ccc5961226b6f1f9dfa94b29d5f6d416c0ba78454ea

    • SSDEEP

      192:CtNCWUyn0i13pNXqkOcPiYFLwzvdX6Ptpwjnw+umHBCNEEd7Vpy:aNxUyn0i13LROEiOLkX6Ujnw+38EqVpy

    Score
    7/10

    • Abuses OpenXML format to download file from external location

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks