Behavioral task
behavioral1
Sample
$RPV9ENE.xls
Resource
win7-20220812-en
6 signatures
150 seconds
Behavioral task
behavioral2
Sample
$RPV9ENE.xls
Resource
win10v2004-20220812-en
4 signatures
150 seconds
General
-
Target
$RPV9ENE.xls.zip
-
Size
212KB
-
MD5
c32a2321c427fad53fa5dced8cd796cd
-
SHA1
6a933a84dbd6ec7311a25d7d3d57cf7058267de4
-
SHA256
8f7da81b3fcd437a954e450ca8f4cd43ad675b385e95e504feff0babdfb88c3a
-
SHA512
daf687ce66a9e385595ccc4fd550f2ba5459d32fbd0e04a515e2a8fe39bc821a6c2898473608067553b7147135d383dc1bb8286fd0c2f794fa6c4a96d86cb554
-
SSDEEP
6144:DWeJpPbaMu8RFcrodbtkyYVLo6+RpPmEWgzv:DbferYRWo7RUqv
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
resource yara_rule static1/unpack001/$RPV9ENE.xls office_macro_on_action -
resource static1/unpack001/$RPV9ENE.xls
Files
-
$RPV9ENE.xls.zip.zip
-
$RPV9ENE.xls.xls windows office2003
Sheet1
ThisWorkbook
Sheet2
Mac
General
Files
Errors
Developer
Dates
Custom
Arrays
Report
Record
Sorting
MultiLookupItem
Lookup_Table
MappingKey
ColumnMap
ClassPropertySet
ClassProperty
Frm_AppStatus
MapItem
GLOBALS
-
checksums.txt