General

  • Target: 55f21edd4d3d287b961b57d6215a809cc06fe00c8f649ed812522b8061276409
  • Size: 74KB
  • Sample: 230207-n7vt5sef7z
  • MD5: 924864516b404ab9bea204d36454e0b5
  • SHA1: fa944681dc82d617466c8bc00400501e2c0842af
  • SHA256: 55f21edd4d3d287b961b57d6215a809cc06fe00c8f649ed812522b8061276409
  • SHA512: c12746e6c993a82101baefba8830a7ec43938a98e4a0b8c509ecf0bc4a392f75e574a64bea4ff81909b923b2371a20abdada9c96ce1df0a4f5d570bb5ea47e53
  • SSDEEP: 768:eqn4HSU4TfJ12vh42TJNuHj6D5rllj8Gnu02FgGL/Q97o7d0AaaErKw2juRf6M5I:olA+udzj6W0AhEGDjQ5V7DD54

Score: 10/10

Malware Config

Extracted

  • Rule: Microsoft Office WebSettings Relationship
  • C2: http://dgdfg00000000hfjf0000000ghfghfgh000000gfhfg0000hfgsdgfggd0000fgdfge00000rtdfgd00000fg00dfg@3221479282/77.doc

Targets

    • Target: interflux 230101.docx
    • Size: 10KB
    • MD5: f157a5cc78e487600b41a6a5626f4d5a
    • SHA1: ab2c45e226c2b4b93ee247510eb5881e7c369550
    • SHA256: 5881b430be17648ec05e34ac31fd3634f2f41477009936bffa934646790e13d7
    • SHA512: 82d7344a173113c125458e73015770b1769c3c09b4b2cb678183fd46912911aa38e8f1a255b5e0f4cf2f35594344321474c803463384148d16e0a84f8b3dad49
    • SSDEEP: 192:ScIMmtP5hG/b7XN+eOQzO+5+5F7Jar/YEChI3CYqR:SPXRE7XtOa7wtar/YECOCYe

    Score: 7/10
    • Abuses OpenXML format to download file from external location

MITRE ATT&CK Matrix (ATT&CK v6)

  • Defense Evasion: Modify Registry (T1112), 1
  • Discovery: Query Registry (T1012), 2
  • Discovery: System Information Discovery (T1082), 2
