Malicious
Malicious

6eb25dc69add782678dd625fe56055d9

MS Word Document
|
MD5: 6eb25dc69add782678dd625fe56055d9
|
Size: 210.8 KB
|
application/msword

Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
6eb25dc69add782678dd625fe56055d9
Sha1
d28c50026ffa8fa65111f9c4eb6f3bc818081b48
Sha256
fedadf230b08a70fbe14c66d2ce63a455a72cb03c53e9dd9579a59a881561469
Sha384
bb07eb314f95bf443f6db381141812e9c8f1458d0af4224bf96b6822f50d9559e4ccb57312d2455a5d83718a612ce689
Sha512
93d35decd1473ad647a81253d2dac519f934569ef42cf4887c09244d6333b7dbbc7cedbae235edb107c0f1a658227a6bab11b884588931be2c2f6c23293e96a3
SSDeep
6144:8cMEIBIVTxW0Njh645R9vBRlxDl7g9RWu5Wr5EAeASAdN:JT2IVRjh6o9p9h78Wu5WJnn
TLSH
E0241312BD03F4CCD2AA0237B826B0395075F861EBE9677527290856DF76E0EF275306
File Structure
6eb25dc69add782678dd625fe56055d9
Malicious
[Content_Types].xml
_rels
.rels
word
Malicious
_rels
Malicious
document.xml.rels
header2.xml.rels
footer2.xml.rels
settings.xml.rels
Malicious
document.xml
footnotes.xml
footer2.xml
footer3.xml
header3.xml
endnotes.xml
header2.xml
media
image1.emf
image2.emf
embeddings
Malicious
Microsoft_Office_Excel_97-2003_Worksheet1.xls
Malicious
.
Root Entry
Ole
EPRINT
CompObj
ObjInfo
Workbook
SummaryInformation
DocumentSummaryInformation
[Formulas]
Malicious
Microsoft_Office_Excel_Worksheet1.xlsx
[Content_Types].xml
_rels
.rels
xl
_rels
workbook.xml.rels
workbook.xml
sharedStrings.xml
drawings
_rels
drawing1.xml.rels
drawing1.xml
worksheets
_rels
sheet1.xml.rels
sheet1.xml
theme
theme1.xml
styles.xml
media
image1.png
image1.png-preview.png
printerSettings
printerSettings1.bin
docProps
thumbnail.wmf
core.xml
app.xml
custom.xml
theme
theme1.xml
settings.xml
styles.xml
webSettings.xml
fontTable.xml
docProps
app.xml
core.xml
Malware Configuration - Remote Template
Config. Field
 Value
Target

https://bestopportunitiesgivenbettersettingsforbesttingswithbetterwayincorporating.docx@wedew.link/JXPDVg
Path

settings.xml.rels
XPath

/Relationships/Relationship
Outer XML

<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="https://bestopportunitiesgivenbettersettingsforbesttingswithbetterwayincorporating.docx@wedew.link/JXPDVg" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />
Artefacts
Name
 Value
Remote Template - Highly Suspicious Document RelationShip

https://bestopportunitiesgivenbettersettingsforbesttingswithbetterwayincorporating.docx@wedew.link/JXPDVg
6eb25dc69add782678dd625fe56055d9 (210.8 KB)
File Structure
6eb25dc69add782678dd625fe56055d9
Malicious
[Content_Types].xml
_rels
.rels
word
Malicious
_rels
Malicious
document.xml.rels
header2.xml.rels
footer2.xml.rels
settings.xml.rels
Malicious
document.xml
footnotes.xml
footer2.xml
footer3.xml
header3.xml
endnotes.xml
header2.xml
media
image1.emf
image2.emf
embeddings
Malicious
Microsoft_Office_Excel_97-2003_Worksheet1.xls
Malicious
.
Root Entry
Ole
EPRINT
CompObj
ObjInfo
Workbook
SummaryInformation
DocumentSummaryInformation
[Formulas]
Malicious
Microsoft_Office_Excel_Worksheet1.xlsx
[Content_Types].xml
_rels
.rels
xl
_rels
workbook.xml.rels
workbook.xml
sharedStrings.xml
drawings
_rels
drawing1.xml.rels
drawing1.xml
worksheets
_rels
sheet1.xml.rels
sheet1.xml
theme
theme1.xml
styles.xml
media
image1.png
image1.png-preview.png
printerSettings
printerSettings1.bin
docProps
thumbnail.wmf
core.xml
app.xml
custom.xml
theme
theme1.xml
settings.xml
styles.xml
webSettings.xml
fontTable.xml
docProps
app.xml
core.xml
Characteristics
Malware Configuration - Remote Template
Config. Field
 Value
Target

https://bestopportunitiesgivenbettersettingsforbesttingswithbetterwayincorporating.docx@wedew.link/JXPDVg
Path

settings.xml.rels
XPath

/Relationships/Relationship
Outer XML

<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="https://bestopportunitiesgivenbettersettingsforbesttingswithbetterwayincorporating.docx@wedew.link/JXPDVg" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />
Artefacts
Name
 Value Location
Remote Template - Highly Suspicious Document RelationShip

https://bestopportunitiesgivenbettersettingsforbesttingswithbetterwayincorporating.docx@wedew.link/JXPDVg

Malicious

6eb25dc69add782678dd625fe56055d9 > word > _rels > settings.xml.rels
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙