Overview

overview

10

Static

static

10

5188f004c7...7.docx

windows7-x64

7

5188f004c7...7.docx

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5188f004c713cde941be3fd5c09a7967

  • Size

    10KB

  • Sample

    240110-y9h88sfghn

  • MD5

    5188f004c713cde941be3fd5c09a7967

  • SHA1

    e0a23d7daf7c3786b5535cab6423c2c4f1f08a8e

  • SHA256

    e7a518b83d9f57a4cb8726afc6bb27a15f6e68655552e13b24481df83b9320fb

  • SHA512

    58d3ae5adab4ca90e251db4b9eb738cd9eb53c4b6279fefeba32fa0c5b2dd1e07657843d424d51f2c0d500d0d405c5c31ef70fed8102ae8cbdf7795bde76793c

  • SSDEEP

    192:ScIMmtPZG/bEpONgEamWBXpK0ydJb3FZGF:SPXEEpONNoEP7b+

Score
10/10
websettings

Malware Config

Extracted

Rule
Microsoft Office WebSettings Relationship
C2

http://198.23.212.137/.--------------------------.........------------------.-------/.----...............---....inv.w.........................-.-..wiz

Targets

    • Target

      5188f004c713cde941be3fd5c09a7967

    • Size

      10KB

    • MD5

      5188f004c713cde941be3fd5c09a7967

    • SHA1

      e0a23d7daf7c3786b5535cab6423c2c4f1f08a8e

    • SHA256

      e7a518b83d9f57a4cb8726afc6bb27a15f6e68655552e13b24481df83b9320fb

    • SHA512

      58d3ae5adab4ca90e251db4b9eb738cd9eb53c4b6279fefeba32fa0c5b2dd1e07657843d424d51f2c0d500d0d405c5c31ef70fed8102ae8cbdf7795bde76793c

    • SSDEEP

      192:ScIMmtPZG/bEpONgEamWBXpK0ydJb3FZGF:SPXEEpONNoEP7b+

    Score
    7/10

    • Abuses OpenXML format to download file from external location

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks