Static task
static1
Behavioral task
behavioral1
Sample
payment-advice.xls
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
payment-advice.xls
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
-
Target
payment-advice.xls.zip
-
Size
520KB
-
MD5
f14e56233832f99c9087f14b1c449e1d
-
SHA1
8fb0bf4dadd6bf620e024a39c675eaea0acbf3d9
-
SHA256
424b2089096fdc77775ea4a6107a6301e8600e6e1439ffc6b62c4024a74047fc
-
SHA512
50675732bd6c85a1e6b047431f71c5bdd0c3ea251588327342a8fbb1a38486448d37ddbac204773af9161961c012328c62063cb735150c5fd37719e3c2689684
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule static1/unpack001/payment-advice.xls office_macro_on_action
Files
-
payment-advice.xls.zip.zip
Password: infected
-
payment-advice.xls.xls windows office2003
ThisWorkbook
Sheet1
Page11
Repositor
Module0
Module1
Module2
Module4
Module5
Windows
WelcomeDialog