Malicious
Malicious

ee6aab15ac1fab53ea38583ef3742b8b

MS Word Document
|
MD5: ee6aab15ac1fab53ea38583ef3742b8b
|
Size: 1.01 MB
|
application/msword

Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
ee6aab15ac1fab53ea38583ef3742b8b
Sha1
25b6df247e65b827e32a6383f87837c266bf7c06
Sha256
d00544cef451b7c386bf2b5ffa29b9735e4818cabf5e94d087e14fb3e4f8b75f
Sha384
fbea6b2a600ca76dc6b6e2170ca0b07ab13c1e9c2576c9b30ae7909ba1c95b2cdc9dd075fa6a7ae155aafe77b0445b39
Sha512
d8d5d26662809d63ec1614a812f2ed7dfb758ef70a724eb51f776d83e0a020a740b22013cca52a8e30c6f5ea3648d15ecb4a11f2d79d424a7ff7678fd66c2794
SSDeep
24576:X2gdrFt1ro4NshtRjEZuPIaSV9VWikwzM6ez5:PxtdNQt1EZuPIaSVjWiHzM/
TLSH
192522B722DC3C3DD49D26FB7A4B307679646D8656B4388810173BDD1C98A9E260A0FF
File Structure
ee6aab15ac1fab53ea38583ef3742b8b
Malicious
[Content_Types].xml
docProps
app.xml
core.xml
word
Malicious
document.xml
endnotes.xml
fontTable.xml
footer1.xml
footnotes.xml
numbering.xml
settings.xml
styles.xml
webSettings.xml
Zation.rtf
theme
theme1.xml
_rels
Malicious
document.xml.rels
settings.xml.rels
Malicious
_rels
.rels
Malware Configuration - Remote Template
Config. Field
 Value
Target

file:///C:\Users\John\AppData\Roaming\Microsoft\Templates\Student%20report%20with%20photo.dotx
Path

settings.xml.rels
XPath

/Relationships/Relationship
Outer XML

<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="file:///C:\Users\John\AppData\Roaming\Microsoft\Templates\Student%20report%20with%20photo.dotx" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />
Artefacts
Name
 Value
Remote Template - Highly Suspicious

file:///C:\Users\John\AppData\Roaming\Microsoft\Templates\Student%20report%20with%20photo.dotx
ee6aab15ac1fab53ea38583ef3742b8b (1.01 MB)
File Structure
ee6aab15ac1fab53ea38583ef3742b8b
Malicious
[Content_Types].xml
docProps
app.xml
core.xml
word
Malicious
document.xml
endnotes.xml
fontTable.xml
footer1.xml
footnotes.xml
numbering.xml
settings.xml
styles.xml
webSettings.xml
Zation.rtf
theme
theme1.xml
_rels
Malicious
document.xml.rels
settings.xml.rels
Malicious
_rels
.rels
Characteristics
Malware Configuration - Remote Template
Config. Field
 Value
Target

file:///C:\Users\John\AppData\Roaming\Microsoft\Templates\Student%20report%20with%20photo.dotx
Path

settings.xml.rels
XPath

/Relationships/Relationship
Outer XML

<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="file:///C:\Users\John\AppData\Roaming\Microsoft\Templates\Student%20report%20with%20photo.dotx" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />
Artefacts
Name
 Value Location
Remote Template - Highly Suspicious

file:///C:\Users\John\AppData\Roaming\Microsoft\Templates\Student%20report%20with%20photo.dotx

Malicious

ee6aab15ac1fab53ea38583ef3742b8b > word > _rels > settings.xml.rels
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙