Overview

overview

10

Static

static

10

f7f48e5e7b...2.docx

windows7-x64

7

f7f48e5e7b...2.docx

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f7f48e5e7b123e98e0d5e0f391d0583a1b56e50dac27e83d5077ef254fbbef52

  • Size

    11KB

  • Sample

    221130-xwsebaah4w

  • MD5

    3b5ae796163ea0c6e09d58ec9582137e

  • SHA1

    869de66274f814c70152151ce63287451e418899

  • SHA256

    f7f48e5e7b123e98e0d5e0f391d0583a1b56e50dac27e83d5077ef254fbbef52

  • SHA512

    24c10248db5aac0b75c3bfad8765224d13fae32251e3701426986002f54ded6510541df34cdc2411e069cadfd44ee074d50158910d97ae452482cca46fe9d806

  • SSDEEP

    192:CtNCWUyn0i13pNXqkOcPiYFLwzvdX6Ptpwjnw+umHBCy+V5:aNxUyn0i13LROEiOLkX6Ujnw+3EV5

Score
10/10
websettings

Malware Config

Extracted

Rule
Microsoft Office WebSettings Relationship
C2

https://n9.cl/sepgq

Targets

    • Target

      f7f48e5e7b123e98e0d5e0f391d0583a1b56e50dac27e83d5077ef254fbbef52

    • Size

      11KB

    • MD5

      3b5ae796163ea0c6e09d58ec9582137e

    • SHA1

      869de66274f814c70152151ce63287451e418899

    • SHA256

      f7f48e5e7b123e98e0d5e0f391d0583a1b56e50dac27e83d5077ef254fbbef52

    • SHA512

      24c10248db5aac0b75c3bfad8765224d13fae32251e3701426986002f54ded6510541df34cdc2411e069cadfd44ee074d50158910d97ae452482cca46fe9d806

    • SSDEEP

      192:CtNCWUyn0i13pNXqkOcPiYFLwzvdX6Ptpwjnw+umHBCy+V5:aNxUyn0i13LROEiOLkX6Ujnw+3EV5

    Score
    7/10

    • Abuses OpenXML format to download file from external location

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks