General

  • Target

    9429113838.zip

  • Size

    7KB

  • Sample

    230308-rr6hgsca23

  • MD5

    0058a8578c6fbdcbd4b23913ce24d165

  • SHA1

    302b9a507f66b1a57aa71eaba10f990a5348c8db

  • SHA256

    50ee98813ffbb6a51b2c5fad9026ea77c24edff1550d6f49fc9b162df5af0d61

  • SHA512

    f5070a3f3abdea1726e03f33c1c5e31c2553523c4f1e6ea057423d70f4ed2e83cd94e9109839c3e4d3560a44b89254dc7afe27448e82a9d9c13078a104c2940c

  • SSDEEP

    192:W+n4o4rCpr/92wZYyjQRenaRptIRCL/aPJ15DmjEW74Bd2Z1Kk4c8:W+d2CprlvTERenaRrQvj5DNq4Bd2LnR8

Score
10/10

Malware Config

Extracted

Rule: Microsoft Office WebSettings Relationship

C2:

http://yyyyyYYYYUUSUUUUUUU3243242UUU23U423U4UU2UWWWWW8W8W7W8WWWWWWW878W8W8WW78WWWW87W87W88WEEW787888W88W8W@392117348/mm.................................doc

Targets

    • Target

      93ce3c5ee269e4a972512a988b933a28e0ef2ad6e2c3d5cd8a081418ce245bd1

    • Size

      10KB

    • MD5

      85c7d2ed7c4b8b914013dc7b52776dc3

    • SHA1

      34fc7407cb6964ccecb7548e37a0be496aa67e8b

    • SHA256

      93ce3c5ee269e4a972512a988b933a28e0ef2ad6e2c3d5cd8a081418ce245bd1

    • SHA512

      67bb1d06cba1a3c5ab6d427f2ae4cfc41cd67fe76e4f9d3c2643d4e0d65eee65d0d741a319886e35f0ed1781340b08eb4ec3852cced4bfce16bbf6605ba16738

    • SSDEEP

      192:ScIMmtP1aIG/bslPL++uObl+CVWBXJC0c3vF:SPXU/slT+LObHkZC99

    Score
    7/10
    • Abuses OpenXML format to download file from external location

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

  • Modify Registry | 1 | T1112

Discovery

  • Query Registry | 2 | T1012

  • System Information Discovery | 2 | T1082
