General

  • Target: 23713fa3eed5fe1362bb2599adb4e7e8
  • Size: 54KB
  • Sample: 231225-q783wadhdm
  • MD5: 23713fa3eed5fe1362bb2599adb4e7e8
  • SHA1: 902f3dbbf744443db22c3c72d76bc92482b61d46
  • SHA256: 6b1e0a232408d016361818ca29acf9a579059f9773e5d3710ed076bbd9ffc80b
  • SHA512: da12afa30b0c25e6bd3f9969c1a8f558fedf56a03f2cfd0a73e2043c016df014dc18f4e4a2232997b452c4418261b90fb632b0f5cf46ba156ab922ccca0f8d48
  • SSDEEP: 1536:yAkw+ZdiVGyzpf1Bb0PhWFkdem9ZnW1+S5NkHXg527:yAkw+ZdiVGyzp3oukdVk+2vC

Score
10/10

Malware Config

Extracted

  • Rule: Microsoft Office WebSettings Relationship
  • C2: https://hiokurl.com/VcI59

Targets

  • Target: PO20200419.docx
  • Size: 10KB
  • MD5: 774cae8aa982bc0f679c325ca2fa9011
  • SHA1: cef5a7a6526efd076e52d10e596ff16272fa81a9
  • SHA256: a0fcad82fb5be224237ae0b9fd669ddbb806fab268323c46622fd3b64c1067b5
  • SHA512: 73bbd2be8539ab9345fe7c2e81b4d9847eef9315e514712beb784945d22917e34c54d1e89a3c44a1b8c0ac35c07b276552884a6cc9208c5eded36cd88bf6378e
  • SSDEEP: 192:ScIMmtPVG/bD1YafOOFQgb5SEzBC4vNqW603fx:SPX4D1YLOFQKhlqaZ

  Score: 7/10
  • Abuses OpenXML format to download file from external location

MITRE ATT&CK Matrix (ATT&CK v13)

  • Defense Evasion: Modify Registry (T1112), count 1
  • Discovery: Query Registry (T1012), count 2
  • Discovery: System Information Discovery (T1082), count 2

Tasks