Behavioral task
behavioral1
Sample
49344c0b0d8e6e0a0fe162fb0a4ce37110369ceec937b17bb2436865ab37fd9e.xls
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
49344c0b0d8e6e0a0fe162fb0a4ce37110369ceec937b17bb2436865ab37fd9e.xls
Resource
win10v2004-20220812-en
Errors
General
-
Target
49344c0b0d8e6e0a0fe162fb0a4ce37110369ceec937b17bb2436865ab37fd9e.xlsx
-
Size
4.8MB
-
MD5
14d590573690a6e6de99ddf96540946c
-
SHA1
82eef2b86f48d0adadd6839b41356da87fbcc84d
-
SHA256
49344c0b0d8e6e0a0fe162fb0a4ce37110369ceec937b17bb2436865ab37fd9e
-
SHA512
9bc957ab84a9ad31b2ff30309e775eee8de5ee8cd8bdc88541707a2e3c64b5c747a0ca0c8cd64a73fa245f4fb888449bf7154a73dbe36b8b6d70962f7a5e8861
-
SSDEEP
98304:kv4K91f7vFpQ+g8RFpiLd+8kLD84tCEr0RtNiC5eSsNMt+r+WC1HnKHnn3BBXXXM:kvpvFa+g8RWLdPk/84tCEr0RtNiC5eS9
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action
Files
-
49344c0b0d8e6e0a0fe162fb0a4ce37110369ceec937b17bb2436865ab37fd9e.xlsx.xls .xlsx windows office2003