Static task
static1
Behavioral task
behavioral1
Sample
08d30d6646117cd96320447042fb3857b4f82d80a92f31ee91b16044b87929c0.xls
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
08d30d6646117cd96320447042fb3857b4f82d80a92f31ee91b16044b87929c0.xls
Resource
win10-20220414-en
General
-
Target
b5873b2932ca2d24cf6fc82511aa40ba100936e15ed93cfe729a08bebfc2c819
-
Size
32KB
-
MD5
99cb2c3015c0ecdd78dfa45de2e6909c
-
SHA1
6e770e9940d4b9611fe7585d565fab8868758972
-
SHA256
b5873b2932ca2d24cf6fc82511aa40ba100936e15ed93cfe729a08bebfc2c819
-
SHA512
7e99043833d6ff01ce1519d4a8e982a39e1730a69eded9218158b38d0c9a85a066465b50d11928f375bb627ff951938ed5872684d9342d97e3c24700e98d862f
-
SSDEEP
768:7dzHDjCxD6czZ8K1PjOoDl8SZbKsLRGKpb8rGYrMPelwhKmFV5xtezEs/48/dgA+:7VHDjCxD6czZ8K1PjOoDl8SZbKsLRGK3
Malware Config
Signatures
-
Office macro that triggers on suspicious action 2 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action static1/unpack001/08d30d6646117cd96320447042fb3857b4f82d80a92f31ee91b16044b87929c0.xls office_macro_on_action -
Processes:
resource static1/unpack001/08d30d6646117cd96320447042fb3857b4f82d80a92f31ee91b16044b87929c0.xls
Files
-
b5873b2932ca2d24cf6fc82511aa40ba100936e15ed93cfe729a08bebfc2c819.zip
-
08d30d6646117cd96320447042fb3857b4f82d80a92f31ee91b16044b87929c0.xls.xls windows office2003
ЭтаКнига
Лист1
hdxlonvwk