General

  • Target: mshtml.zip
  • Size: 262KB
  • Sample: 230901-ksyqpsdf9x
  • MD5: 75a28db68a020da28cf223010f7c9f9c
  • SHA1: 361aa10961eed91b277ffea70641ed6435550d7d
  • SHA256: 31475717735f9aee20def2a4044b42a52cb92e8cf885b92a042099a273688135
  • SHA512: 6fbe84b932773d0e0f7b12ddcbb4d2b6f802036f71f42f95b65bed7d3a262db3609bbbc4ee8c54a5ee86c5e952da059bba1fd99ac532c07401a3bf98068f3964
  • SSDEEP: 6144:dem485iuNrJhuJGd0AkfX+Yk3xonVBio57pMN+UM8iNuiYwLGZTqUdJP+TDu:dempTJAQd0AmOX3mVBp1MN5Ri/YeGZTl

Score: 10/10

Malware Config

Extracted

Rule: Microsoft Office MHTML OLEObject
C2:
  arsenal.30cm.tw:1212/word.html
  http://175.24.190.249/note.html
  http://trendparlye.com/wiki0509.html
  http://hidusi.com/e8c76295a5f9acb7/side.html
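The "Microsoft Office MHTML OLEObject" rule above is reporting the URL that an Office Open XML package records for a remotely hosted OLE object: the relationship in `word/_rels/document.xml.rels` (or another part's `.rels`) has Type `oleObject`, `TargetMode="External"`, and a Target of the form `mhtml:<url>!x-usc:<url>`. The script below is an added example, written for this page and not part of the sandbox or its report, that pulls those relationships out of a docx/xlsx/pptx offline so the C2 URL can be read without opening the document. The package it parses is constructed in memory for the demonstration (it is not the content of any file listed on this page); the single external target it carries is taken from the C2 list above, and the benign hyperlink and embedded OLE relationships beside it are there to show what the filter ignores.

```python
"""
Extract external OLEObject relationship targets from an Office Open XML
package (docx/xlsx/pptx). An MHTML-hosted OLE object shows up as a
relationship of type oleObject with TargetMode="External" and a target
such as  mhtml:http://host/x.html!x-usc:http://host/x.html
"""
import io
import re
import zipfile
import xml.etree.ElementTree as ET

PKG_REL_NS = "http://schemas.openxmlformats.org/package/2006/relationships"
OLE_REL_TYPE = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/oleObject"
# A URL inside an mhtml target ends at the '!' that introduces the x-usc part.
URL_RE = re.compile(r"https?://[^\s!\"'<>]+", re.IGNORECASE)


def urls_from_mhtml_target(target: str) -> list[str]:
    """Return the distinct http(s) URLs embedded in an 'mhtml:...!x-usc:...' target, in order."""
    seen, out = set(), []
    for url in URL_RE.findall(target):
        if url not in seen:
            seen.add(url)
            out.append(url)
    return out


def extract_ole_targets(package_bytes: bytes) -> list[dict]:
    """Walk every *.rels part and return oleObject relationships that point outside the package."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(package_bytes)) as zf:
        for name in zf.namelist():
            if not name.endswith(".rels"):
                continue
            try:
                root = ET.fromstring(zf.read(name))
            except ET.ParseError:
                continue  # a damaged part must not abort triage of the others
            for rel in root.iter(f"{{{PKG_REL_NS}}}Relationship"):
                if rel.get("Type") != OLE_REL_TYPE:
                    continue
                if rel.get("TargetMode", "Internal").lower() != "external":
                    continue  # embedded OLE blobs live inside the zip; no remote fetch
                target = rel.get("Target", "")
                hits.append({
                    "part": name,
                    "id": rel.get("Id"),
                    "target": target,
                    "mhtml": target.lower().startswith("mhtml:"),
                    "urls": urls_from_mhtml_target(target),
                })
    return hits


def build_sample_docx() -> bytes:
    """Constructed stand-in for a weaponised docx (not one of the files on this page):
    one benign hyperlink, one embedded OLE object, one external MHTML OLE object."""
    rels = f"""<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<Relationships xmlns="{PKG_REL_NS}">
  <Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/hyperlink"
                Target="https://example.com/benign" TargetMode="External"/>
  <Relationship Id="rId2" Type="{OLE_REL_TYPE}" Target="embeddings/oleObject1.bin"/>
  <Relationship Id="rId3" Type="{OLE_REL_TYPE}"
                Target="mhtml:http://hidusi.com/e8c76295a5f9acb7/side.html!x-usc:http://hidusi.com/e8c76295a5f9acb7/side.html"
                TargetMode="External"/>
</Relationships>"""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<w:document/>")
        zf.writestr("word/_rels/document.xml.rels", rels)
    return buf.getvalue()


if __name__ == "__main__":
    for hit in extract_ole_targets(build_sample_docx()):
        print(hit["part"], hit["id"], "mhtml" if hit["mhtml"] else "plain", hit["urls"])
```

Any hit from this scan is worth treating as the document's first-stage fetch, and the URL is the indicator to pivot on. Two caveats: the parser only covers the zip-based formats, so the legacy `.doc` in the target list below (an OLE2/CFB container) needs a different tool such as oletools; and a relationship target is what Word will request, not proof of what was served, so the page's own C2 list, extracted by the sandbox at run time, remains the authoritative record.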

Targets

    • Target: Challenge_FIles/Employee_W2_Form.docx
    • Size: 12KB
    • MD5: 45e7d6562bfddb816d45649dd667abde
    • SHA1: 00087e46ec0ef6225de59868fd016bd9dd77fa3c
    • SHA256: 679bbe0c50754853978a3a583505ebb99bce720cf26a6aaf8be06cd879701ff1
    • SHA512: 0567873b42eece93787da4f4c3b72ecb0d952450d8eb59b354a5f91ed95395a2662171e05cdcf4a829fdbd0b5cbcca97701fef9b96b1ad0d8728922bbd0288fa
    • SSDEEP: 192:f6ijVmar18H111M05AgPekrFD2h0vsmyVk7PeOJ2wc3rMKkokceeQh:f6ijca6H111/eo1hvsHieIhoseQh
    Score: 4/10

    • Target: Challenge_FIles/Employees_Contact_Audit_Oct_2021.docx
    • Size: 12KB
    • MD5: d5742309ba8146be9eab4396fde77e4e
    • SHA1: 8aaa79ee4a81d02e1023a03aee62a47162a9ff04
    • SHA256: ed2b9e22aef3e545814519151528b2d11a5e73d1b2119c067e672b653ab6855a
    • SHA512: 37367ea06191c8a949f6c092bc4137736b344cc9892bf8a19e149557919d9276fb1301009a700cede0f2ca05d6827c827992817aee7b8968a5429e433fe0c8ba
    • SSDEEP: 192:60L6GkWglL+bzW6mlHRrZu87Fym3tZknRIhRHNwC3Eo+ETdlexwDvx/jVm9CoDFn:603kpLTZJHm+Eo+ETd4weCoDFLFd
    Score: 4/10

    • Target: Challenge_FIles/Work_From_Home_Survey.doc
    • Size: 26KB
    • MD5: 41dacae2a33ee717abcc8011b705f2cb
    • SHA1: 4b35d14a2eab2b3a7e0b40b71955cdd36e06b4b9
    • SHA256: 84674acffba5101c8ac518019a9afe2a78a675ef3525a44dceddeed8a0092c69
    • SHA512: 11f7177dc3c8a804ff6450477e15aadd20fddac98205008db25a4f6ef69a54b7cb7c9dd0d7bdf1b1d317f306482d86ad5ef150530194de7d8dbe344203962648
    • SSDEEP: 768:8HVoVneOa0HD/vb9EVoiJWq8UCei96T8vuX3m86RAFvg5e:8QVvbvb9wnIq8OitP88eY5e
    Score: 4/10

    • Target: Challenge_FIles/income_tax_and_benefit_return_2021.docx
    • Size: 23KB
    • MD5: 55998cb43459159a5ed4511f00ff3fc8
    • SHA1: 9bec2182cc5b41fe8783bb7ab6e577bac5c19f04
    • SHA256: d0e1f97dbe2d0af9342e64d460527b088d85f96d38b1d1d4aa610c0987dca745
    • SHA512: 8f04951f9efb5acdad0a625d9f63154089d552fe4281ca53a759cc0a0468b8d9c76af863e34ed6e00802225a4408bcda1110a6efce30357e6173973ea5bf7838
    • SSDEEP: 384:Q6UDg00MWEg9fPCPyH111/elBqhveoNHfn5yAehqbhtgyhdCxi556BjsbIwRq:QcMWE04uebyvNv5yHcttg6dwc5YQb5w
    Score: 4/10

MITRE ATT&CK Matrix ATT&CK v13

Defense Evasion
  Modify Registry: T1112 (4)

Discovery
  Query Registry: T1012 (9)
  System Information Discovery: T1082 (8)

Tasks