General

  • Target

    July Tom-P _Updated SOA &Inv_989220091.docx.zip

  • Size

    7KB

  • Sample

    231012-jbkbbagb49

  • MD5

    255e3a6a821785c47acf0af556b0a8f6

  • SHA1

    44a1c3a9363639362fe0fb980a9d6134c00d2a81

  • SHA256

    d382f6c5aff05b46f22546f132020781ac93af063aa4f8437a2ff9f3415fdd0f

  • SHA512

    3800cdb206fb9b7307c57038d28bca0aa29f7d292af6a5fa41662aa5a2c693d26cc10c90693d32e9cb5aa8550bafbad124cf13f6b7fc09b6881fb07e45af8602

  • SSDEEP

    192:thMBUfGWnr2/O6a6d45o9WKR1nk3GE3Az9X:fMFWnWOD89WKRSWIs5

Score
10/10

Malware Config

Extracted

  • Rule

    Microsoft Office WebSettings Relationship

  • C2

    https://myown.bio/ioh

Targets

    • Target

      July Tom-P _Updated SOA &Inv_989220091.docx

    • Size

      10KB

    • MD5

      c1bb23528828ff09426a115719ae2c0b

    • SHA1

      ce26c7b8620aac8878f955cee07446b0524762d4

    • SHA256

      f0aa6b9817763911158118b843fe4859cd6314617dad97b350f755fd60a28343

    • SHA512

      7b3d79b762f36b0ebdb9df8af4fe5a356d5abd7cf6cd7d25e63a1c2b435206fe4ba5f02b2bc42d2e75f706411bd1947d9b7cfa87108d0a9a00be3b2c1c852b54

    • SSDEEP

      192:ScIMmtPx+nj5G/b1rVpnOjn22W5TNcQDxthYSLg3m0R:SPX5KcZObrhILhYSLAm4

    Score
    7/10
    • Abuses OpenXML format to download file from external location

MITRE ATT&CK Matrix (ATT&CK v13)

  • Defense Evasion

    Modify Registry, T1112 (1)

  • Discovery

    Query Registry, T1012 (2)

    System Information Discovery, T1082 (2)

Tasks