Malicious
Malicious

e6995a538737f809617afdf59e3eb0bc

MS Word Document
|
MD5: e6995a538737f809617afdf59e3eb0bc
|
Size: 291.11 KB
|
application/msword

Print
Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
e6995a538737f809617afdf59e3eb0bc
Sha1
0eae5dcf846050e073b667a7ec457e170be1652a
Sha256
17697ff1d7528fc4d2f0a359d2d94dd5b6253f736f8836624993b2e3c19caa42
Sha384
55558c8ceaf1459e340701a853f051f9bd356a45cc94f23bf11644d3e6dd2cebb29b4358b44927e0debeb81facbd61db
Sha512
ad6a1de995f16985939f5b62d7968bc48c0182c58177ce304dbea346c28994f9a796bbca89bb3140f0b30496b135a69d1f2f61c21ec2485cdadeefe778649d57
SSDeep
6144:+/LjXKGDc/ZZvg0I+18qxnivzQOgN9qDqoAmmYRQhhTG:CLmbZZvFL1877QvN9qhlmhTG
TLSH
FD5423EFFAAC23C5D724C1A198B3BA5446ACD4CACB47B9439B5C6F0D922A4C74011837
File Structure
e6995a538737f809617afdf59e3eb0bc
Malicious
[Content_Types].xml
_rels
.rels
word
Malicious
_rels
Malicious
document.xml.rels
settings.xml.rels
Malicious
document.xml
media
image1.emf
embeddings
oleObject1.bin
Root Entry
Ole
CompObj
ObjInfo
CONTENTS
Text (Preview)
Page #1
Page #2
#Stream {6}
#Stream {154}
#Stream {155}
#Stream {156}
#Stream {157}
#Stream {158}
#Stream {159}
#Stream {160}
#Stream {161}
#Stream {162}
#Stream {152}
#Stream {163}
#Stream {153}
#Stream {2}
Structure
theme
theme1.xml
settings.xml
webSettings.xml
styles.xml
fontTable.xml
docProps
core.xml
app.xml
Malware Configuration - Remote Template
Config. Field
 Value
Target

https://bestthingsfilimngbetterplacetogowhichcanmakeitbestfeelingforbetterpeoplesaroundon.DOCX@a38.fr/bxLeXg
Path

settings.xml.rels
XPath

/Relationships/Relationship
Outer XML

<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="https://bestthingsfilimngbetterplacetogowhichcanmakeitbestfeelingforbetterpeoplesaroundon.DOCX@a38.fr/bxLeXg" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />
Informations
Name
 Value
CONTENTS

1.6
CONTENTS

Karim Naghi
CONTENTS

D:20240604155102+04'00'
CONTENTS

Acrobat PDFMaker 24 for Word
CONTENTS

D:20240604155104+04'00'
CONTENTS

Terms & Conditions
CONTENTS

Terms & Conditions of PO
CONTENTS

Adobe PDF Library 24.2.23
CONTENTS

Karim Naghi
CONTENTS

DAS Holding
CONTENTS

D:20240604155102+04'00'
CONTENTS

Acrobat PDFMaker 24 for Word
CONTENTS

Karim Naghi
CONTENTS

D:20240604155104+04'00'
CONTENTS

Adobe PDF Library 24.2.23
CONTENTS

D:20240604114755
CONTENTS

Terms & Conditions
CONTENTS

Terms & Conditions of PO
Artefacts
Name
 Value
Remote Template - Highly Suspicious

https://bestthingsfilimngbetterplacetogowhichcanmakeitbestfeelingforbetterpeoplesaroundon.DOCX@a38.fr/bxLeXg
e6995a538737f809617afdf59e3eb0bc (291.11 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙