Behavioral task
behavioral1
Sample
2097682836d4dffd6f1a05da68e4ea2a95af15e64460e896f4baa1261b3b69cb.xls
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
2097682836d4dffd6f1a05da68e4ea2a95af15e64460e896f4baa1261b3b69cb.xls
Resource
win10v2004-20221111-en
Errors
General
-
Target
2097682836d4dffd6f1a05da68e4ea2a95af15e64460e896f4baa1261b3b69cb.xlsx
-
Size
4.8MB
-
MD5
b254c8d9ae407218a0f9239f12cb8e98
-
SHA1
4d4ceb4132958c26d70bff290000bfbf8b182026
-
SHA256
2097682836d4dffd6f1a05da68e4ea2a95af15e64460e896f4baa1261b3b69cb
-
SHA512
23e9a2cd9193a9b529854c55e5bfcb9c1229630d5e64e902a8d9b061e635d3abadd7bc6c457a5f8c58eef2016dd473a3b14808d7cafbdc73941a32c8025edb77
-
SSDEEP
98304:Ov4K91f7vFpQ+g8RFpiLd+8kLD84tCEr0RtNiC5eSsNMt+r+WC1HnKHnn3BBXXX:OvpvFa+g8RWLdPk/84tCEr0RtNiC5eSF
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action
Files
-
2097682836d4dffd6f1a05da68e4ea2a95af15e64460e896f4baa1261b3b69cb.xlsx.xls .xlsx windows office2003