Behavioral task
behavioral1
Sample
f3c4ff5ee8123f74d233f068a7186c8a22bcd1cdbe6475654345fc76870bd20f.xls
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
f3c4ff5ee8123f74d233f068a7186c8a22bcd1cdbe6475654345fc76870bd20f.xls
Resource
win10v2004-20221111-en
General
-
Target
f3c4ff5ee8123f74d233f068a7186c8a22bcd1cdbe6475654345fc76870bd20f
-
Size
60KB
-
MD5
fea69535764564efcb07963a420dcb4b
-
SHA1
eb7762cc19a586e06594aed9804c1af7106d7ecd
-
SHA256
f3c4ff5ee8123f74d233f068a7186c8a22bcd1cdbe6475654345fc76870bd20f
-
SHA512
8c2e8f23b17e736ef0553c2590a0954a8fdfde461be107b6d0bf4d33ed72e8c1413d2ad26db320613574142779a8f8a2be24c3231db0974291c3638fb8d3ecaf
-
SSDEEP
1536:sIIIGxPTr6FaSkLu6pAJqNuYKl6Nc7yRzs1H75wkZUiEfClsQ6NqTBun5oAKG6EI:KKl6Nc7yRzs1H75wkZUgsQ6NqTBun5oE
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource yara_rule sample office_xlm_macros
Files
-
f3c4ff5ee8123f74d233f068a7186c8a22bcd1cdbe6475654345fc76870bd20f.xls windows office2003