95a6d5e9fd4e40d8f297e8c5d623fa5ce5e4b4eb1f150b19bec81bd28fc90f2a | Triage

Submit
Reports

Overview

overview

Static

static

TT082112.docx

windows7-x64

7

TT082112.docx

windows10-2004-x64

1

Sharing

General

Target

8c10f9d16cb9f763da642ca4f6d915c0
Size

25KB
Sample

240203-l8kpfseha3
MD5

8c10f9d16cb9f763da642ca4f6d915c0
SHA1

4704ab53509444503419523de8abfcfea0c408f9
SHA256

95a6d5e9fd4e40d8f297e8c5d623fa5ce5e4b4eb1f150b19bec81bd28fc90f2a
SHA512

54b8d8df2095f831c843d0843dd6b5a9fc39cb261dce3803b21ba485878606dd23ac51e8d4dd1e4967f964704510951fa32c46deb1ac32ba33277022343068c3
SSDEEP

768:HE1+tyjJUTjqKMVsIfNs6vswfv6uEZOwC:k1Myjy5CsYNs6vsMVEZY

Score

10^/10

websettings

Static task

static1

Behavioral task

behavioral1

Sample

TT082112.docx

Resource

win7-20231129-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

TT082112.docx

Resource

win10v2004-20231215-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Rule

Microsoft Office WebSettings Relationship

C2

https://42url.com/H0mgJAlz

Targets

- Target
  
  TT082112.docx
- Size
  
  10KB
- MD5
  
  86255e186d21c74c14693a644dce28a6
- SHA1
  
  d4177a60f4884035258c7de621d3c3ec9421e282
- SHA256
  
  f2d27ce8d345c73931ceae72ca3100eda4481545a6e7d584bc20d19193dca2c0
- SHA512
  
  a87be6b4233040aef5790a0e68e05459dc3d07a295b7eed8f4b88ba00a6d3429769fe54778779dca8599bd5ba6f8ad64110c0fbecbed09782ee3655c9d6bfdc1
- SSDEEP
  
  192:ScIMmtP12G/bWvsq2VwO1KrdlJFOyX3OR:SPXjmx2KO8jJFlnK
Score

7^/10
- Abuses OpenXML format to download file from external location
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy