Overview

overview

10

Static

static

10

174A21F85A...C.docx

windows7-x64

7

174A21F85A...C.docx

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    174A21F85A5BB52DC8A8AB2609C8032CC69EA6D7A58A2D4EF8C9262EF708B05C

  • Size

    11KB

  • Sample

    230314-rvsqsshh6z

  • MD5

    a1158305bf2ebc9e3ea204dc7a7f1e05

  • SHA1

    42036be748b201442043153498db09389d641ccd

  • SHA256

    174a21f85a5bb52dc8a8ab2609c8032cc69ea6d7a58a2d4ef8c9262ef708b05c

  • SHA512

    afec0d30f1f7f157cc6da788d9f6cf9647db94301af4fc83ef0a00ec8464bb45d828b58de4a812db7eee2dd19774becfb94409ce8d2d57d05e17c44b0a4b8e5a

  • SSDEEP

    192:CtNCWUyn0i13pNXqkOcPiYFLwzvdX6Ptpwjnw+umHBCwwiVp:aNxUyn0i13LROEiOLkX6Ujnw+3vwiVp

Score
10/10
websettings

Malware Config

Extracted

Rule
Microsoft Office WebSettings Relationship
C2

http://WEEEERRRRRRRRRRRPPPOOOOSSSSSSSOOOOOPPWEEEEEEEOOOOOOOCCVVVVVVVVOVVVVVVVVVVVVVVVVOOOOOO@3118348624/O_O.DOC

Targets

    • Target

      174A21F85A5BB52DC8A8AB2609C8032CC69EA6D7A58A2D4EF8C9262EF708B05C

    • Size

      11KB

    • MD5

      a1158305bf2ebc9e3ea204dc7a7f1e05

    • SHA1

      42036be748b201442043153498db09389d641ccd

    • SHA256

      174a21f85a5bb52dc8a8ab2609c8032cc69ea6d7a58a2d4ef8c9262ef708b05c

    • SHA512

      afec0d30f1f7f157cc6da788d9f6cf9647db94301af4fc83ef0a00ec8464bb45d828b58de4a812db7eee2dd19774becfb94409ce8d2d57d05e17c44b0a4b8e5a

    • SSDEEP

      192:CtNCWUyn0i13pNXqkOcPiYFLwzvdX6Ptpwjnw+umHBCwwiVp:aNxUyn0i13LROEiOLkX6Ujnw+3vwiVp

    Score
    7/10

    • Abuses OpenXML format to download file from external location

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks