Overview

overview

10

Static

static

10

8e696854a8...4.docx

windows7-x64

7

8e696854a8...4.docx

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8e696854a87a2bc2b7bf6a3358067a24

  • Size

    10KB

  • Sample

    240204-gwtdlsbbg6

  • MD5

    8e696854a87a2bc2b7bf6a3358067a24

  • SHA1

    bfa77e44d95889b47df4c0cba7351f7e563ca0c1

  • SHA256

    7ed26b0c689718b8a38b889c1299f90da39ff0106ed9fbfddb467daace2102a8

  • SHA512

    99b101110edb7ff2edda929402bb789c51edc421e014142d38a5aba352d143c368a07708893252b16e93828306244b37d6d9cff6f9b3c527bd506bd4bfa67e8f

  • SSDEEP

    192:ScIMmtP12G/bWvsq2VwONXrdlJFOyX3/z5b:SPXjmx2KOZjJFlnNb

Score
10/10
websettings

Malware Config

Extracted

Rule
Microsoft Office WebSettings Relationship
C2

https://42url.com/54vHw69a

Targets

    • Target

      8e696854a87a2bc2b7bf6a3358067a24

    • Size

      10KB

    • MD5

      8e696854a87a2bc2b7bf6a3358067a24

    • SHA1

      bfa77e44d95889b47df4c0cba7351f7e563ca0c1

    • SHA256

      7ed26b0c689718b8a38b889c1299f90da39ff0106ed9fbfddb467daace2102a8

    • SHA512

      99b101110edb7ff2edda929402bb789c51edc421e014142d38a5aba352d143c368a07708893252b16e93828306244b37d6d9cff6f9b3c527bd506bd4bfa67e8f

    • SSDEEP

      192:ScIMmtP12G/bWvsq2VwONXrdlJFOyX3/z5b:SPXjmx2KOZjJFlnNb

    Score
    7/10

    • Abuses OpenXML format to download file from external location

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks