Behavioral task
behavioral1
Sample
SecuriteInfo.com.Script.SNH-gen.1228.1261.xls
Resource
win7-20220901-en
windows7-x64
5 signatures
150 seconds
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Script.SNH-gen.1228.1261.xls
Resource
win10v2004-20221111-en
windows10-2004-x64
4 signatures
150 seconds
General
-
Target
SecuriteInfo.com.Script.SNH-gen.1228.1261.xls
-
Size
570KB
-
MD5
126f51d36f9fdae3bb810a08219b6f57
-
SHA1
86d478c0abca323869ed499db6609f1d30dbc54c
-
SHA256
d564056378f00f68174b94b0b8cee7da47873ca5787e2b2a001d66e71909285b
-
SHA512
a095e1f16da6205ab75fb7f739135f12ab582ce0751e517b82f7241aceedda84f0f1bddd49a7e41ee1ff26cc1ccbc3e15d64813292b1269184a180dbfb148bef
-
SSDEEP
6144:zaR1CEqhx4eKc5bBSnAmx3BYebs5797Q1DmELPLNm:zLxhbafxQ5Bymoxm
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action
Files
-
SecuriteInfo.com.Script.SNH-gen.1228.1261.xls.doc .xls windows office2003