4fdab1bae9c4c1a40197d9328862fa3a5e938c26464954367358caaaab0d21de | Triage

Submit
Reports

Overview

overview

Static

static

38106f6c10...7.docx

windows7-x64

7

38106f6c10...7.docx

windows10-2004-x64

1

Sharing

General

Target

38106f6c10bbea4dd4713bc3c85a3277
Size

10KB
Sample

231231-qrsqyscadm
MD5

38106f6c10bbea4dd4713bc3c85a3277
SHA1

72585bf780b995e8c25e715704b1d470469c23e4
SHA256

4fdab1bae9c4c1a40197d9328862fa3a5e938c26464954367358caaaab0d21de
SHA512

05dd68309121289214efee4ff1986d9d802f1e3d771f019be7343b5326d383855efbd743862d68de4dbff075ad0f5387db8ca56f27af812c903961ceade6a133
SSDEEP

192:ScIMmtPZG/bEpOMgEamWBXpK0ydJb3FXuN:SPXEEpOMNoEP7bk

Score

10^/10

websettings

Static task

static1

Behavioral task

behavioral1

Sample

38106f6c10bbea4dd4713bc3c85a3277.docx

Resource

win7-20231215-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

38106f6c10bbea4dd4713bc3c85a3277.docx

Resource

win10v2004-20231215-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Rule

Microsoft Office WebSettings Relationship

C2

https://longurl.in/htYUl

Targets

- Target
  
  38106f6c10bbea4dd4713bc3c85a3277
- Size
  
  10KB
- MD5
  
  38106f6c10bbea4dd4713bc3c85a3277
- SHA1
  
  72585bf780b995e8c25e715704b1d470469c23e4
- SHA256
  
  4fdab1bae9c4c1a40197d9328862fa3a5e938c26464954367358caaaab0d21de
- SHA512
  
  05dd68309121289214efee4ff1986d9d802f1e3d771f019be7343b5326d383855efbd743862d68de4dbff075ad0f5387db8ca56f27af812c903961ceade6a133
- SSDEEP
  
  192:ScIMmtPZG/bEpOMgEamWBXpK0ydJb3FXuN:SPXEEpOMNoEP7bk
Score

7^/10
- Abuses OpenXML format to download file from external location
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy