General

  • Target

    8959843037.zip

  • Size

    7KB

  • Sample

    230202-r9w2rsbe2y

  • MD5

    5973275e8f531201aa941a3637fe2bfb

  • SHA1

    be2865b73e4d10468f57a704c43cf06019585d3c

  • SHA256

    cfe6d5b0705abc61e4f9561548f95cf843ff5885cae71460d69a3eda320e3391

  • SHA512

    b8f49cca5fee1219f7d65649a7f50248184f77b9baada575458f6d1945120d9944c56d6012693b2d2f510c73f2729a4d5d2c3f067a911ea6a92267f717bbf65a

  • SSDEEP

    96:jbWKMQ6Y0peDVspeU/iNxw09i+ioLVV7STsugemd6uAu4gIUJJ6H3RSSep4oPha8:jbNFvtS8UaoryV7cnge0+XRnMxaKjn

Score
10/10

Malware Config

Extracted

  • Rule

    Microsoft Office WebSettings Relationship

  • C2

    http://dgdfghfj000000fghfghfghg00000fhfghfgsdgfgg000000dfgdfgertd000000fgdfgdfg@3235032956/_________________i.doc

Targets

    • Target

      990de0b3eec5caed36cf4e98440c8fff03d02a53cec1a8a37f03416dd0454ca8

    • Size

      10KB

    • MD5

      d18fcb5e6f0798b2f08f8c8d917598e0

    • SHA1

      be69281e9f8869d90298fa4cb777b6d9879c4842

    • SHA256

      990de0b3eec5caed36cf4e98440c8fff03d02a53cec1a8a37f03416dd0454ca8

    • SHA512

      fef867ab8a0fe09ddcc04d7049d464d5a15ac5b6fa851433450402b5cfaefec483fbf4d998603b2f067570111e5176312a7a6d4576fa370e9f698553b4926cae

    • SSDEEP

      192:ScIMmtP5hG/b7XN+eOzO+5+5F7Jar/YEChI3ahV:SPXRE7XtOz7wtar/YECOE

    Score
    7/10
    • Abuses OpenXML format to download file from external location

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

  • Modify Registry (T1112)

    1

Discovery

  • Query Registry (T1012)

    2

  • System Information Discovery (T1082)

    2

Tasks