Behavioral task
behavioral1
Sample
~ar6759.xls
Resource
win7-20221111-en
windows7-x64
9 signatures
150 seconds
Behavioral task
behavioral2
Sample
~ar6759.xls
Resource
win10v2004-20220901-en
windows10-2004-x64
7 signatures
150 seconds
General
-
Target
~ar6759.xar
-
Size
107KB
-
MD5
ae89cf6ba9007c82060c00e004ca8a1e
-
SHA1
c25329af0c5edd0260744a89f25c36ae336c5792
-
SHA256
2609fc43379c7572ab4b9e15ca5b8408c42b071caceb6e45384b85b30df60979
-
SHA512
5c4fcfeaaca3dc6195c913cce1aa8ee9c394cfd11e4ccab373bd7b83c6bb70f84f78af10bf01525810a382baf118424b2404f7b5ef7717fb7b3901f19cd3e8ab
-
SSDEEP
3072:8i9QUDGYwk/u1Q5y21afgjs8KA6bLhmvjKESzz6u/lmpYj:8i9QUDGYwk/u1Q5y21afgjs8KA6bLhmq
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource sample
Files
-
~ar6759.xar.xls .xar windows office2003
Module1
ThisWorkbook
Ark1