Pulse Detail — Threat Intelligence

● 0 online

ANALYZING THREAT INTELLIGENCE

PULSE NAME

~WRD0004.doc

WHITE callmeDoris 2023-02-21 Modified: 2023-02-21

63

IOCs

HIGH VOLUME

↓ CSV ↓ JSON

375809b8a913e9fdf5a6a0463d373eff98ee7d8054a49c28bd133b90fbe7b424 ~WRD0004.doc

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1036 T1074 T1100 T1105 T1571 T1573

Indicators of Compromise (19 / 63 total)

All FileHash-SHA256 URL domain FileHash-MD5 FileHash-SHA1

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-SHA256	f54a2f5bb2015cac6c57afa821b4dec459d3856c859d41c945fc50d4a853819d	—	2023-02-21
FileHash-SHA256	e05660e18064e7c2301f5738ea115ffc05d549b85733ba255d445f5b841ef012	—	2023-02-21
FileHash-SHA256	b656abcf82b1853a807b0c4eb0b496d2415aeb29f102f01a17b1a68a10e3731f	—	2023-02-21
FileHash-SHA256	afee6fc099167063608464bfbf4c248842b78c03b1c056a65f848e0bfe736fd1	—	2023-02-21
FileHash-SHA256	7fab92f93d7bd3aa4d2c3cd5717197f2d93a43070f089c69085b34a19ec8110b	—	2023-02-21
FileHash-SHA256	3cab45b404eb0f296e33bb3413ffbe3fd8e8d977a1070756db8cb2ff83d162d0	—	2023-02-21
FileHash-SHA256	34761009dd1cef0e6100671b305a2fbe2af2760ace32916d1e1645f512654ad5	—	2023-02-21
FileHash-SHA256	f082a08bb4217974ca0cf1acbdd4c6d0e15a11c7d69a1b8955eba2235b492108	—	2023-02-21
FileHash-SHA256	375809b8a913e9fdf5a6a0463d373eff98ee7d8054a49c28bd133b90fbe7b424	Process binds to unusual ports details Process "%PROGRAMFILES%\Microsoft Office\Office14\WINWORD.EXE" binds to port 49791 source Network Traffic	2023-02-21
FileHash-SHA256	2820507593b307075160abd5158557826ee851a7792cb937cbac4998a1043c05	—	2023-02-21
FileHash-SHA256	303f3134718fd7e7a37625418a7f94a2ffcda8f1470b281821c50cf217f84317	—	2023-02-21
FileHash-SHA256	36763a3451651006acb67a58ef9b9b59cfd2962ff25f9b98cecf7cc781738a40	—	2023-02-21
FileHash-SHA256	4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1	SHA256 of dbb111419c704f116efa8e72471dd83e86e49677 SHA256 of dbb111419c704f116efa8e72471dd83e86e49677	2023-02-21
FileHash-SHA256	8296fc22485b1617a8b292becafe183c22d74f9b0bde14dc22d5c3d87a964a60	—	2023-02-21
FileHash-SHA256	9cbe18ab536db5837ff1dad42931a1d376f5b1ab8a1c48e74a68b8a246304562	—	2023-02-21
FileHash-SHA256	bc43743fddca985eb074137f2878f64ce1da8d75b3a1a8acd1ebc41567fe2a4d	—	2023-02-21
FileHash-SHA256	e557d798f2afc3f66ff452b9b9c832bf89816e17a98f05ee3189d5213069f5ff	—	2023-02-21
FileHash-SHA256	f0a3eec2709682107edae2372e8984e15bd3b2b7e3de9878ba76cd69cc556ce0	SHA256 of c4489a059a38e94b666edcb0f9facbf823b142d0	2023-02-21
FileHash-SHA256	fc4704d5a4edba1659bd7694e1a3ba7fe9ad204098793ef317cfa03874848c0f	—	2023-02-21

References (4)

↗ ~WRD0004.doc ↗ Contains - TarD5B7.tmp c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd ↗ Process binds to unusual ports details Process "%PROGRAMFILES%\Microsoft Office\Office14\WINWORD.EXE" binds to port 49791 source Network Traffic ↗ https://hybrid-analysis.com/sample/375809b8a913e9fdf5a6a0463d373eff98ee7d8054a49c28bd133b90fbe7b424/63f406d1b2eb1e516771f201