Overview

overview

10

Static

static

10

PO 010-240.docx

windows7-x64

7

PO 010-240.docx

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    PO 010-240.docx

  • Size

    10KB

  • Sample

    230303-pk1ybahd77

  • MD5

    1cb238263947b5019937888d3cad8833

  • SHA1

    15d5367bd9cd0fb7fec8ca9ef2360b57a40c63c0

  • SHA256

    3db84a830fee9dea668512769206f1002edf7d27747611f728c14974cd14726a

  • SHA512

    d73cd6a02a2fb6f481a00b7e96d45b7091ac1a5a3fb57763923864fabacb2eb8c945150adf740a64d7d7eae94ac23c9b47b7471fc6e6a9a50f11aca051339748

  • SSDEEP

    192:ScIMmtP1aIG/bslPL++uO+A5Wgywl+CVWBXJC0c3hzVG:SPXU/slT+LO+mbywHkZC9K

Score
10/10
websettings

Malware Config

Extracted

Rule
Microsoft Office WebSettings Relationship
C2

http://OIWEROFSDFOOWROOSDFODFOWESODFGDOFGOSDFOIOFSODOXCVVODOO00FOF00F0DF0FFSDF0SDF00SDF0DF0SDF00SDF0S0DF00DF@3324948138/rr........................................................doc

Targets

    • Target

      PO 010-240.docx

    • Size

      10KB

    • MD5

      1cb238263947b5019937888d3cad8833

    • SHA1

      15d5367bd9cd0fb7fec8ca9ef2360b57a40c63c0

    • SHA256

      3db84a830fee9dea668512769206f1002edf7d27747611f728c14974cd14726a

    • SHA512

      d73cd6a02a2fb6f481a00b7e96d45b7091ac1a5a3fb57763923864fabacb2eb8c945150adf740a64d7d7eae94ac23c9b47b7471fc6e6a9a50f11aca051339748

    • SSDEEP

      192:ScIMmtP1aIG/bslPL++uO+A5Wgywl+CVWBXJC0c3hzVG:SPXU/slT+LO+mbywHkZC9K

    Score
    7/10

    • Abuses OpenXML format to download file from external location

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks