Overview

overview

10

Static

static

10

db97d08861...f.docx

windows7-x64

7

db97d08861...f.docx

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    db97d08861be4a7ff939822ebc4d4abf

  • Size

    10KB

  • Sample

    240321-pctt2abb79

  • MD5

    db97d08861be4a7ff939822ebc4d4abf

  • SHA1

    3e7f96c63397896baaa0e251c8382fa594ee0b2b

  • SHA256

    1ffa45e9cc19b55c6c398729f46925121e99ba37018d9dbc7dd1e84113a78148

  • SHA512

    4e78236e7d05b0c8b2c3b805fb52245645e17d8698025aff6a0ee05bda56b598388b5e45ead2c869f9a41d67eb32d79ef46bd587a8b5dacbf0c6539c349ee2ab

  • SSDEEP

    192:ScIMmtPVG/bD1YafOOIgb5SEzBC4vNqW6036J:SPX4D1YLOIKhlqam

Score
10/10
websettings

Malware Config

Extracted

Rule
Microsoft Office WebSettings Relationship
C2

https://hiokurl.com/pNOIO

Targets

    • Target

      db97d08861be4a7ff939822ebc4d4abf

    • Size

      10KB

    • MD5

      db97d08861be4a7ff939822ebc4d4abf

    • SHA1

      3e7f96c63397896baaa0e251c8382fa594ee0b2b

    • SHA256

      1ffa45e9cc19b55c6c398729f46925121e99ba37018d9dbc7dd1e84113a78148

    • SHA512

      4e78236e7d05b0c8b2c3b805fb52245645e17d8698025aff6a0ee05bda56b598388b5e45ead2c869f9a41d67eb32d79ef46bd587a8b5dacbf0c6539c349ee2ab

    • SSDEEP

      192:ScIMmtPVG/bD1YafOOIgb5SEzBC4vNqW6036J:SPX4D1YLOIKhlqam

    Score
    7/10

    • Abuses OpenXML format to download file from external location

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks