Behavioral task: behavioral1
Sample: c4fa78775e976b5e30d4f2fb71d48b068b3dc27d625972296fd5cc28c58eb1c0.xls
Resource: win7-20220715-en

Behavioral task: behavioral2
Sample: c4fa78775e976b5e30d4f2fb71d48b068b3dc27d625972296fd5cc28c58eb1c0.xls
Resource: win10v2004-20220721-en

General
Target: c4fa78775e976b5e30d4f2fb71d48b068b3dc27d625972296fd5cc28c58eb1c0.zip
Size: 10KB
MD5: 5f731fa7c560c87b9eeba3e7e2f5c03c
SHA1: 92d7e08814424698f9ecd36146d2c665d1300cb9
SHA256: 9765bf6f8c394a94d04b26211e43346ed51561171929aedf7183843fe8d1bfeb
SHA512: afac5c9a858f567fa79e15b7edc3b3750dab784774bd842225c24955d6b0896efd3f978b610ee1396db185f3b0a56b2ecf55f71ede65402f3735e9e00d4a2c2f
SSDEEP: 192:4WekOHuYwbv4YQ1weaQ8AgXRCKo72STW/d4/nB/ywCSH4I/0+e:41kOHuYErJDQ8LXaTMd4vhhH70+e

Malware Config
Signatures
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource: static1/unpack001/c4fa78775e976b5e30d4f2fb71d48b068b3dc27d625972296fd5cc28c58eb1c0
yara_rule: office_macro_on_action
Processes:
resource: static1/unpack001/c4fa78775e976b5e30d4f2fb71d48b068b3dc27d625972296fd5cc28c58eb1c0
Files
c4fa78775e976b5e30d4f2fb71d48b068b3dc27d625972296fd5cc28c58eb1c0.zip.zip
Password: infected
c4fa78775e976b5e30d4f2fb71d48b068b3dc27d625972296fd5cc28c58eb1c0.xls windows office2003
ThisWorkbook
hDhlM