Overview

overview

10

Static

static

10

66bee64e38...f.docx

windows7-x64

7

66bee64e38...f.docx

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    66bee64e38d4d0aef4463ae7712cc3bf

  • Size

    10KB

  • Sample

    240119-fg9llsfgh8

  • MD5

    66bee64e38d4d0aef4463ae7712cc3bf

  • SHA1

    fa70334963b3205aa24f3d5d47d2d227f8e7b2e6

  • SHA256

    3e3a5e3a7d3dca91eac32595f74eebc474f355525aba9a960e53d3398e0620d0

  • SHA512

    97926562eb89c3011783b4970bb5942f9a91e1c29cdf2818e513944b7de113f1e5d2a75e3670cd3b7f9b2e33efdb1b14b3dffc6b0bff3223cdee27ad2289c225

  • SSDEEP

    192:ScIMmtPVG/bD1YafOOCgb5SEzBC4vNqW6032p:SPX4D1YLOCKhlqa6

Score
10/10
websettings

Malware Config

Extracted

Rule
Microsoft Office WebSettings Relationship
C2

https://upurl.me/ddvcu

Targets

    • Target

      66bee64e38d4d0aef4463ae7712cc3bf

    • Size

      10KB

    • MD5

      66bee64e38d4d0aef4463ae7712cc3bf

    • SHA1

      fa70334963b3205aa24f3d5d47d2d227f8e7b2e6

    • SHA256

      3e3a5e3a7d3dca91eac32595f74eebc474f355525aba9a960e53d3398e0620d0

    • SHA512

      97926562eb89c3011783b4970bb5942f9a91e1c29cdf2818e513944b7de113f1e5d2a75e3670cd3b7f9b2e33efdb1b14b3dffc6b0bff3223cdee27ad2289c225

    • SSDEEP

      192:ScIMmtPVG/bD1YafOOCgb5SEzBC4vNqW6032p:SPX4D1YLOCKhlqa6

    Score
    7/10

    • Abuses OpenXML format to download file from external location

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks