valyria | f92087059144bdfd22bc76d34d247564fe05f54be5c8b3c95624d792645b33f1 | Triage

Submit
Reports

Overview

overview

Static

static

8

0ae3f024be...5b.doc

windows7_x64

0ae3f024be...5b.doc

windows10-2004_x64

Sharing

General

Target

0ae3f024befcb994e66993d755a5195b.doc
Size

51KB
Sample

220408-b33yqsebe7
MD5

0ae3f024befcb994e66993d755a5195b
SHA1

51a2f146b3e574b6bdafceb1e5dffe10b4b5e5b8
SHA256

f92087059144bdfd22bc76d34d247564fe05f54be5c8b3c95624d792645b33f1
SHA512

b21e0ec0ded83a33c5c2063e7e377957dad47c14afb792541a2414b9e3e610a48a9a2ece0d3816e8cd83a42969500249d5ec5d89d68e58d6f90d55678db85a86

Score

10^/10

valyria dropper macro macro_on_action

Static task

static1

macro macro_on_action

Behavioral task

behavioral1

Sample

0ae3f024befcb994e66993d755a5195b.doc

Resource

win7-20220331-en

valyria dropper

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0ae3f024befcb994e66993d755a5195b.doc

Resource

win10v2004-20220331-en

valyria dropper

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

http://www.nnapoakea.top/read.php?f=0.dat

Targets

- Target
  
  0ae3f024befcb994e66993d755a5195b.doc
- Size
  
  51KB
- MD5
  
  0ae3f024befcb994e66993d755a5195b
- SHA1
  
  51a2f146b3e574b6bdafceb1e5dffe10b4b5e5b8
- SHA256
  
  f92087059144bdfd22bc76d34d247564fe05f54be5c8b3c95624d792645b33f1
- SHA512
  
  b21e0ec0ded83a33c5c2063e7e377957dad47c14afb792541a2414b9e3e610a48a9a2ece0d3816e8cd83a42969500249d5ec5d89d68e58d6f90d55678db85a86
Score

10^/10

valyria dropper
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Valyria
  Malicious Word document which is a loader for other malware.
  dropper valyria
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

macromacro_on_action

behavioral1

behavioral2

© 2018-2025

Terms | Privacy