valyria | 8ffeab678d425795e55e0328ebf9685c5e2c2ec3d5094c0d88578a10d688c5a5 | Triage

Submit
Reports

Overview

overview

Static

static

8

8ffeab678d...a5.doc

windows7-x64

8ffeab678d...a5.doc

windows10-2004-x64

Sharing

General

Target

8ffeab678d425795e55e0328ebf9685c5e2c2ec3d5094c0d88578a10d688c5a5
Size

79KB
Sample

221023-lnbaaahfgn
MD5

39de314ca12ec81359cbd1fabc12cb98
SHA1

d23e18a068f0ffde1fe7dbffbfa86ef459e3ee57
SHA256

8ffeab678d425795e55e0328ebf9685c5e2c2ec3d5094c0d88578a10d688c5a5
SHA512

67eb2a93e509ec34999f21757069d0729d06146796253e198d0449f2dfa83568a290cf7397a628a7489e2958fe61a45a387a1d3517397a79499f07ea0adfca73
SSDEEP

768:ixbpML2teJsNST+jBl8UDRxz99LHy85ZKYbkr+H/l7eYk3I:+M6ZNSTOl7DR31y8eYS+H/sj

Score

10^/10

valyria dropper macro macro_on_action

Static task

static1

macro macro_on_action

2 signatures

Behavioral task

behavioral1

Sample

8ffeab678d425795e55e0328ebf9685c5e2c2ec3d5094c0d88578a10d688c5a5.doc

Resource

win7-20220812-en

valyria dropper

windows7-x64

11 signatures

10 seconds

Behavioral task

behavioral2

Sample

8ffeab678d425795e55e0328ebf9685c5e2c2ec3d5094c0d88578a10d688c5a5.doc

Resource

win10v2004-20220901-en

valyria dropper

windows10-2004-x64

9 signatures

10 seconds

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

http://newyeargoka.top/read.php?f=0.dat

Targets

- Target
  
  8ffeab678d425795e55e0328ebf9685c5e2c2ec3d5094c0d88578a10d688c5a5
- Size
  
  79KB
- MD5
  
  39de314ca12ec81359cbd1fabc12cb98
- SHA1
  
  d23e18a068f0ffde1fe7dbffbfa86ef459e3ee57
- SHA256
  
  8ffeab678d425795e55e0328ebf9685c5e2c2ec3d5094c0d88578a10d688c5a5
- SHA512
  
  67eb2a93e509ec34999f21757069d0729d06146796253e198d0449f2dfa83568a290cf7397a628a7489e2958fe61a45a387a1d3517397a79499f07ea0adfca73
- SSDEEP
  
  768:ixbpML2teJsNST+jBl8UDRxz99LHy85ZKYbkr+H/l7eYk3I:+M6ZNSTOl7DR31y8eYS+H/sj
Score

10^/10

valyria dropper
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Valyria
  Malicious Word document which is a loader for other malware.
  dropper valyria
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

macromacro_on_action

behavioral1

behavioral2

© 2018-2025

Terms | Privacy