Overview

overview

10

Static

static

10

86255e186d...6.docx

windows7-x64

7

86255e186d...6.docx

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    86255e186d21c74c14693a644dce28a6

  • Size

    10KB

  • Sample

    240201-gy7c9afabl

  • MD5

    86255e186d21c74c14693a644dce28a6

  • SHA1

    d4177a60f4884035258c7de621d3c3ec9421e282

  • SHA256

    f2d27ce8d345c73931ceae72ca3100eda4481545a6e7d584bc20d19193dca2c0

  • SHA512

    a87be6b4233040aef5790a0e68e05459dc3d07a295b7eed8f4b88ba00a6d3429769fe54778779dca8599bd5ba6f8ad64110c0fbecbed09782ee3655c9d6bfdc1

  • SSDEEP

    192:ScIMmtP12G/bWvsq2VwO1KrdlJFOyX3OR:SPXjmx2KO8jJFlnK

Score
10/10
websettings

Malware Config

Extracted

Rule
Microsoft Office WebSettings Relationship
C2

https://42url.com/H0mgJAlz

Targets

    • Target

      86255e186d21c74c14693a644dce28a6

    • Size

      10KB

    • MD5

      86255e186d21c74c14693a644dce28a6

    • SHA1

      d4177a60f4884035258c7de621d3c3ec9421e282

    • SHA256

      f2d27ce8d345c73931ceae72ca3100eda4481545a6e7d584bc20d19193dca2c0

    • SHA512

      a87be6b4233040aef5790a0e68e05459dc3d07a295b7eed8f4b88ba00a6d3429769fe54778779dca8599bd5ba6f8ad64110c0fbecbed09782ee3655c9d6bfdc1

    • SSDEEP

      192:ScIMmtP12G/bWvsq2VwO1KrdlJFOyX3OR:SPXjmx2KO8jJFlnK

    Score
    7/10

    • Abuses OpenXML format to download file from external location

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks