Overview

overview

10

Static

static

8

cancel_sub...4.xlsb

windows7_x64

10

cancel_sub...4.xlsb

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cancel_sub_JPL12345678901234.xlsb.zip

  • Size

    218KB

  • MD5

    fbcf88c7c823f370069c4556f9dd7c91

  • SHA1

    5577945b974ea6335fcc37ea80e708cb4295224e

  • SHA256

    2abe5df892b139bb3f88019ac0f5b2856c6dd853362dc2f723292fe8d33619c1

  • SHA512

    9e8790e89ef5b2ee54b6396ae87e4e344891da636f41d446b6f70d4d6a55ee1555da1256ccef3d521a4cb63b202eb7bcbb24068ef0ff9e42673573ee8d9ddbe3

Score
8/10
macroxlm

Malware Config

Signatures

  • Suspicious Office macro 1 IoCs

    Office document equipped with 4.0 macros.

    macroxlm

Files

  • cancel_sub_JPL12345678901234.xlsb.zip
    .zip

    Password: infected

  • cancel_sub_JPL12345678901234.xlsb
    .xlsb .xlsm office2007