Behavioral task
behavioral1
Sample
BofA_Remittance_Advice.xls
Resource
win7-20220812-en
windows7-x64
8 signatures
150 seconds
Behavioral task
behavioral2
Sample
BofA_Remittance_Advice.xls
Resource
win10v2004-20220812-en
windows10-2004-x64
15 signatures
150 seconds
General
-
Target
BofA_Remittance_Advice.xls
-
Size
122KB
-
MD5
4b46967dd9b0cc889a71879e74c78163
-
SHA1
f4ab4a4754ba6815e6ba8adb03f68d9ea2edd39a
-
SHA256
d1300974e16f75b2fd0deeb5b4f212f2d1c9eb0d77bc51664c4dfbcdca4beb63
-
SHA512
b7bd17bc20af7daf04f201e2d4fc2a73ad3e9e1c7c97d9451ca4e0a62d777ae469b356d5b8191e50020411f51a4b1c42fade07c6ed6196af0355298b6c2aef81
-
SSDEEP
3072:6k3hOdsylKlgxopeiBNhZFGzE+cL2kdAFz5RkTdjPIUXQO2XIlGdDSojrsm+:6k3hOdsylKlgxopeiBNhZF+E+W2kdA91
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action
Files
-
BofA_Remittance_Advice.xls.xls .js windows office2003