Malicious
Malicious

f901169bcd4903c6a0a90a0fc120d5f7

Rar Archive
|
MD5: f901169bcd4903c6a0a90a0fc120d5f7
|
Size: 725.55 KB
|
application/vnd.rar

Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
f901169bcd4903c6a0a90a0fc120d5f7
Sha1
f02d18bfd9f096a723677f59619962a38eb2109a
Sha256
634d00db157d24723b2b193b826f178b6693403ba06dbd0e557d42dfea7e9a34
Sha384
4e2f9a457756ea4d1d35f3b2e3680a7de21458ebd04d9001a1b3cd4ad2da3ee34cd143eac608b1eae48e29245c1b8496
Sha512
09d7513a1a6db5427a2a03cc75c42b24baa64f40dc959629e7086c69550760ead141ff821bfb5d08ca63d4d4d891af86b4f68938ac6d15a85d3a1725e841b78d
SSDeep
12288:B+B3m/Om47thsdwjxBN1nv1iV4/wYGBvVdZZ9bn7p5ZUlEo4mp52Rkx:63oOntWSjjNmVkwYIVDPbzeEon2ex
TLSH
98F423BAC7B66ACC58E525E07F4C4037B739749D68D4B3AB43C352299C0AF8A026D743
File Structure
f901169bcd4903c6a0a90a0fc120d5f7
Malicious
Malware untuk tugas
format js 2.rar
format js 2
format js2.js
format js.rar
format js
format js.js
format word.rar
Malicious
format word
Malicious
format word.docx
Malicious
[Content_Types].xml
docProps
app.xml
core.xml
word
Malicious
Aspects.rtf
document.xml
endnotes.xml
fontTable.xml
footer1.xml
footnotes.xml
numbering.xml
settings.xml
styles.xml
webSettings.xml
theme
theme1.xml
_rels
Malicious
document.xml.rels
settings.xml.rels
Malicious
_rels
.rels
index.html.html
Malware Configuration - Remote Template
Config. Field
 Value
Target

file:///C:\Users\John\AppData\Roaming\Microsoft\Templates\Student%20report%20with%20photo.dotx
Path

settings.xml.rels
XPath

/Relationships/Relationship
Outer XML

<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="file:///C:\Users\John\AppData\Roaming\Microsoft\Templates\Student%20report%20with%20photo.dotx" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />
Artefacts
Name
 Value
Remote Template - Highly Suspicious

file:///C:\Users\John\AppData\Roaming\Microsoft\Templates\Student%20report%20with%20photo.dotx
f901169bcd4903c6a0a90a0fc120d5f7 (725.55 KB)
File Structure
f901169bcd4903c6a0a90a0fc120d5f7
Malicious
Malware untuk tugas
format js 2.rar
format js 2
format js2.js
format js.rar
format js
format js.js
format word.rar
Malicious
format word
Malicious
format word.docx
Malicious
[Content_Types].xml
docProps
app.xml
core.xml
word
Malicious
Aspects.rtf
document.xml
endnotes.xml
fontTable.xml
footer1.xml
footnotes.xml
numbering.xml
settings.xml
styles.xml
webSettings.xml
theme
theme1.xml
_rels
Malicious
document.xml.rels
settings.xml.rels
Malicious
_rels
.rels
index.html.html
Characteristics
Malware Configuration - Remote Template
Config. Field
 Value
Target

file:///C:\Users\John\AppData\Roaming\Microsoft\Templates\Student%20report%20with%20photo.dotx
Path

settings.xml.rels
XPath

/Relationships/Relationship
Outer XML

<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="file:///C:\Users\John\AppData\Roaming\Microsoft\Templates\Student%20report%20with%20photo.dotx" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />
Artefacts
Name
 Value Location
Remote Template - Highly Suspicious

file:///C:\Users\John\AppData\Roaming\Microsoft\Templates\Student%20report%20with%20photo.dotx

Malicious

f901169bcd4903c6a0a90a0fc120d5f7 > Malware untuk tugas > format word.rar > format word > format word.docx > word > _rels > settings.xml.rels
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙