c7e10bae93ecacb5a8c3fee798170048

MS Word Document
|
MD5: c7e10bae93ecacb5a8c3fee798170048
|
Size: 130.3 KB
|
application/msword

Infection Chain

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	c7e10bae93ecacb5a8c3fee798170048
Sha1	1cc6af95a31429105df62cd7103a11083e26b018
Sha256	f86e26d5ae83a581b3d485121c2de43437474e2bb85d0b01c60c1fd56299b2cd
Sha384	73f5dd7606d2b9ddac1493254013364bb0f6e6fe5ed79e641d48fa6f94168c4e280e7f1b2562720ce050a01f0ee22178
Sha512	345109cdfc122e7dbca88d18cb6f10b977f79fe0175d3de353cefda450d115d87f466df208143c4a5f1061abd210ee1ba69d84b7a1f28bb315c2d780ff21fed6
SSDeep	3072:39oIWNLcRvvgONyRhqeK1CDY2Z2Pp1n3iswmCVE2s:3GNL8vvgOkRhpKKY2kPj3iswvC/
TLSH	02D3F1BAD28B5C07E69E163C6201C73EF3A36E07A4C2525D42E1B7BC57739D8BD52214

File Structure

Malware Configuration - Remote Template

Config. Field0	Value
Target	https://bestpeoplesgivenmebestthingswithbetterfuturewithmegoodbaybdbeetforgood,docx@scanqris.me/T7VwwP
Path	settings.xml.rels
XPath	/Relationships/Relationship
Outer XML	<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="https://bestpeoplesgivenmebestthingswithbetterfuturewithmegoodbaybdbeetforgood,docx@scanqris.me/T7VwwP" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />

Malware Configuration - Remote Template

Config. Field0	Value
Target	file:///D:\DATAHVNL3934%20TOOL%20phân%20tách\TOOL\250401%20DANH%20SÁCH%20QUẢN%20LÝ%20PUR%20MỚI%20102KI.xlsx
Path	externalLink1.xml.rels
XPath	/Relationships/Relationship
Outer XML	<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/externalLinkPath" Target="file:///D:\DATAHVNL3934%20TOOL%20phân%20tách\TOOL\250401%20DANH%20SÁCH%20QUẢN%20LÝ%20PUR%20MỚI%20102KI.xlsx" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />

Artefacts

Name0	Value
Remote Template - Highly Suspicious	https://bestpeoplesgivenmebestthingswithbetterfuturewithmegoodbaybdbeetforgood,docx@scanqris.me/T7VwwP
Remote Template - Highly Suspicious	file:///D:\DATAHVNL3934%20TOOL%20phân%20tách\TOOL\250401%20DANH%20SÁCH%20QUẢN%20LÝ%20PUR%20MỚI%20102KI.xlsx

c7e10bae93ecacb5a8c3fee798170048 (130.3 KB)

File Structure

Characteristics

Malware Configuration - Remote Template

Config. Field0	Value
Target	https://bestpeoplesgivenmebestthingswithbetterfuturewithmegoodbaybdbeetforgood,docx@scanqris.me/T7VwwP
Path	settings.xml.rels
XPath	/Relationships/Relationship
Outer XML	<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="https://bestpeoplesgivenmebestthingswithbetterfuturewithmegoodbaybdbeetforgood,docx@scanqris.me/T7VwwP" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />

Malware Configuration - Remote Template

Config. Field0	Value
Target	file:///D:\DATAHVNL3934%20TOOL%20phân%20tách\TOOL\250401%20DANH%20SÁCH%20QUẢN%20LÝ%20PUR%20MỚI%20102KI.xlsx
Path	externalLink1.xml.rels
XPath	/Relationships/Relationship
Outer XML	<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/externalLinkPath" Target="file:///D:\DATAHVNL3934%20TOOL%20phân%20tách\TOOL\250401%20DANH%20SÁCH%20QUẢN%20LÝ%20PUR%20MỚI%20102KI.xlsx" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />

Artefacts

Name0	Value	Location
Remote Template - Highly Suspicious	https://bestpeoplesgivenmebestthingswithbetterfuturewithmegoodbaybdbeetforgood,docx@scanqris.me/T7VwwP Malicious	c7e10bae93ecacb5a8c3fee798170048 > word > _rels > settings.xml.rels
Remote Template - Highly Suspicious	file:///D:\DATAHVNL3934%20TOOL%20phân%20tách\TOOL\250401%20DANH%20SÁCH%20QUẢN%20LÝ%20PUR%20MỚI%20102KI.xlsx Malicious	c7e10bae93ecacb5a8c3fee798170048 > word > embeddings > Microsoft_Office_Excel_Worksheet1.xlsx > xl > externalLinks > _rels > externalLink1.xml.rels

You must be signed in to post a comment.