Overview

overview

8

Static

static

8

tragedy_redux.zip

windows7-x64

1

tragedy_redux.zip

windows10-2004-x64

1

_rels/.xml

windows7-x64

1

_rels/.xml

windows10-2004-x64

1

docProps/app.xml

windows7-x64

1

docProps/app.xml

windows10-2004-x64

1

docProps/core.xml

windows7-x64

1

docProps/core.xml

windows10-2004-x64

1

word/_rels...nt.xml

windows7-x64

1

word/_rels...nt.xml

windows10-2004-x64

1

word/_rels...in.xml

windows7-x64

1

word/_rels...in.xml

windows10-2004-x64

1

word/document.xml

windows7-x64

1

word/document.xml

windows10-2004-x64

1

word/fontTable.xml

windows7-x64

1

word/fontTable.xml

windows10-2004-x64

1

word/settings.xml

windows7-x64

1

word/settings.xml

windows10-2004-x64

1

word/styles.xml

windows7-x64

1

word/styles.xml

windows10-2004-x64

1

word/theme/theme1.xml

windows7-x64

1

word/theme/theme1.xml

windows10-2004-x64

1

word/vbaData.xml

windows7-x64

1

word/vbaData.xml

windows10-2004-x64

1

word/vbaProject.doc

windows7-x64

1

word/vbaProject.doc

windows10-2004-x64

1

word/webSettings.xml

windows7-x64

1

word/webSettings.xml

windows10-2004-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-10-2023 23:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    _rels/.xml

  • Size

    590B

  • MD5

    77bf61733a633ea617a4db76ef769a4d

  • SHA1

    9d7abf0ee4effcecad80c8bbfb276079a05b4342

  • SHA256

    e19238d7a71fa7a2490776252686f70e2de6238c87cd509b5e3a3cc07c2ea4df

  • SHA512

    4f1d48a8273436dbb710bb5f26bdbb701e6c6346511d6ac2e4c7f92db705fa1332e0a4ef9063dc0886e2e5b8b01ec209f8f99890957fee635177c41b09bbe769

Score
1/10

Malware Config

Signatures

Processes

  • C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
    "C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\_rels\.xml"
    1⤵
      PID:2712

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2712-0-0x00007FF938950000-0x00007FF938960000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2712-1-0x00007FF9788D0000-0x00007FF978AC5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2712-2-0x00007FF9788D0000-0x00007FF978AC5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2712-3-0x00007FF9788D0000-0x00007FF978AC5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2712-4-0x00007FF976360000-0x00007FF976629000-memory.dmp

      Filesize

      2.8MB

      Download

    • memory/2712-5-0x00007FF938950000-0x00007FF938960000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2712-6-0x00007FF9788D0000-0x00007FF978AC5000-memory.dmp

      Filesize

      2.0MB

      Download