629cd58bcd9079af6d9d67fa58270e634cc9b79b7b66e5504c92f1163f6f06f0 | Triage

Submit
Reports

Overview

overview

Static

static

fdsff131.docx

windows7-x64

8

fdsff131.docx

windows10-2004-x64

1

Sharing

General

Target

fdsff131.docx
Size

10KB
Sample

230131-nbkz3ahh31
MD5

371a1e692de56e1513ef40c189d2127a
SHA1

f1d2458b41a032076dc514b900d6b478974149a3
SHA256

629cd58bcd9079af6d9d67fa58270e634cc9b79b7b66e5504c92f1163f6f06f0
SHA512

c63ac451e5330fec104c4f7ca97f7938329809333e608ec8e1500bfa77430568744c0f64afcda551882c703fafc10dda8cfac98fda1a73bac6170ccb95ddbccd
SSDEEP

192:ScIMmtP5hG/b7XN+eOs7O+5+5F7Jar/YEChI3s5:SPXRE7XtOs77wtar/YECOA

Score

10^/10

websettings

Static task

static1

Behavioral task

behavioral1

Sample

fdsff131.docx

Resource

win7-20221111-en

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

fdsff131.docx

Resource

win10v2004-20220812-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Rule

Microsoft Office WebSettings Relationship

C2

http://dgdfgh0000000fjfghfghfgh000000000gfhfghfgs00000dgfggdfgdfgert0000000dfgdfgdfg@3569425924/__________________o.doc

Targets

- Target
  
  fdsff131.docx
- Size
  
  10KB
- MD5
  
  371a1e692de56e1513ef40c189d2127a
- SHA1
  
  f1d2458b41a032076dc514b900d6b478974149a3
- SHA256
  
  629cd58bcd9079af6d9d67fa58270e634cc9b79b7b66e5504c92f1163f6f06f0
- SHA512
  
  c63ac451e5330fec104c4f7ca97f7938329809333e608ec8e1500bfa77430568744c0f64afcda551882c703fafc10dda8cfac98fda1a73bac6170ccb95ddbccd
- SSDEEP
  
  192:ScIMmtP5hG/b7XN+eOs7O+5+5F7Jar/YEChI3s5:SPXRE7XtOs77wtar/YECOA
Score

8^/10
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Abuses OpenXML format to download file from external location
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Scripting

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy