General

  • Target

    b9571630868381221bee77b8fe5079ca.bin

  • Size

    7KB

  • Sample

    230301-b423tsea89

  • MD5

    d44c00fb69973d8f7edc467cd285c2e5

  • SHA1

    e31b5c0273a9e903447b5bae6293ffa692a21b56

  • SHA256

    6b4706a9aec4c84f15378e7a734abca339cd7ca45f3f2d3101c61053e22377fd

  • SHA512

    35ac052809cfc086b8562a5b66c5dc7969cb9c546aba921c3565fe71b39909985cdc0a17464cd244d50435d567db3bc4bbee095a36687c53af4baa35900cb4f6

  • SSDEEP

    96:Ue2uykJru/zr1kBsyyplYv1bjHmYSUfPFVOyj9qwTnt4qajmGgd726AbL:dtvNun1GyplYv1XUGlEwvajmGgBW

Score
10/10

Malware Config

Extracted

  • Rule

    Microsoft Office WebSettings Relationship

  • C2

    http://qquuuq9werqwqqqq00qwewerSASWERWRWIERIWERIEWIR00R0WEQQ00000000000000WEDRDEDRREDDRDD0000000000WSDJHFJDSFJHJ@3324948138/c00----------------------------.DOC

Targets

    • Target

      3d3427a09aceb2dfcceaf2c8a232df04929a4bec0b43428ef595bbbd16162ddc.doc

    • Size

      10KB

    • MD5

      b9571630868381221bee77b8fe5079ca

    • SHA1

      12228855be9ea4783d1034678e00ddb51732d83b

    • SHA256

      3d3427a09aceb2dfcceaf2c8a232df04929a4bec0b43428ef595bbbd16162ddc

    • SHA512

      209a9a056f36d3f709f5abeffcd33e6f918094921efc79c1deaede609e25b2fe752c60b3c86b0b6b61f0ff4365a8c45917343303bd4fa7d60762fc3d1287e897

    • SSDEEP

      192:ScIMmtP1aIG/bslPL++uO+l+CVWBXJC0c3uG/:SPXU/slT+LO+HkZC9N

    Score
    7/10
    • Abuses OpenXML format to download file from external location

MITRE ATT&CK Matrix ATT&CK v6

Defense Evasion

  • Modify Registry (T1112): 1

Discovery

  • Query Registry (T1012): 2

  • System Information Discovery (T1082): 2

Tasks