General
Target: 835954a8c5dfc1654c3f44a88d96a7ce3653c40448d68cf7772faf4ddb74b9d4
Size: 1.4MB
Sample: 221127-xbtrmsea5v
MD5: 0567bfb2eef3409ab528c5ee0e59e4fe
SHA1: aacc14fe1d94ef9fb521c0bace66515d2c78b098
SHA256: 835954a8c5dfc1654c3f44a88d96a7ce3653c40448d68cf7772faf4ddb74b9d4
SHA512: 7ccb62504252754d9c701a8f7cb4a0aaa4049d99fa43fa62c91bbc361db165e7f6f3d78fbbc25bab6a064d799077d0544586e8efd544c376e7de7c819475de54
SSDEEP: 24576:AIR+8WbmTKZ8TYlJQF3IR+8WbmTKZ+60UZX:AIiMYnQF3IifdZX
Static task: static1
Behavioral task: behavioral1
Sample: 835954a8c5dfc1654c3f44a88d96a7ce3653c40448d68cf7772faf4ddb74b9d4.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 835954a8c5dfc1654c3f44a88d96a7ce3653c40448d68cf7772faf4ddb74b9d4.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Score: 8/10
Office macro that triggers on suspicious action
Office document macro which triggers in special circumstances - often malicious.
Checks computer location settings
Looks up country code configured in the registry, likely geofence.