Overview

overview

10

Static

static

10

5522141907...9.docx

windows7-x64

7

5522141907...9.docx

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    552214190703ccaffba4c222ca4cd779

  • Size

    10KB

  • Sample

    240112-b13j7accem

  • MD5

    552214190703ccaffba4c222ca4cd779

  • SHA1

    b93492865afe4ccfb27ae046f5d03cc60b62c6af

  • SHA256

    090afb48c7e4d1e1275ecaf8da8a802a6384a0241b92a4ea2e01b599a4c9f9d0

  • SHA512

    ec822ef7d723376fcea61bc1cc428fe0c62afdb1dc2fd44b00426e57699b8e064e266fb091cae878463137dc2b827a596cbbd0ef28b5ff404fdaba022a3fd408

  • SSDEEP

    192:ScIMmtP12G/bWvsq2VwOPvrdlJFOyX3SR:SPXjmx2KOHjJFlnG

Score
10/10
websettings

Malware Config

Extracted

Rule
Microsoft Office WebSettings Relationship
C2

http://198.23.207.82/...----------------------.--------.-------------------.-/..--------------------.---------------.....------wiz.wiz

Targets

    • Target

      552214190703ccaffba4c222ca4cd779

    • Size

      10KB

    • MD5

      552214190703ccaffba4c222ca4cd779

    • SHA1

      b93492865afe4ccfb27ae046f5d03cc60b62c6af

    • SHA256

      090afb48c7e4d1e1275ecaf8da8a802a6384a0241b92a4ea2e01b599a4c9f9d0

    • SHA512

      ec822ef7d723376fcea61bc1cc428fe0c62afdb1dc2fd44b00426e57699b8e064e266fb091cae878463137dc2b827a596cbbd0ef28b5ff404fdaba022a3fd408

    • SSDEEP

      192:ScIMmtP12G/bWvsq2VwOPvrdlJFOyX3SR:SPXjmx2KOHjJFlnG

    Score
    7/10

    • Abuses OpenXML format to download file from external location

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks