Behavioral task
behavioral1
Sample
eb3be3768139c64ea79fe30da76c17d1.xls
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
eb3be3768139c64ea79fe30da76c17d1.xls
Resource
win10v2004-20221111-en
General
-
Target
eb3be3768139c64ea79fe30da76c17d1
-
Size
58KB
-
MD5
eb3be3768139c64ea79fe30da76c17d1
-
SHA1
3539a879a9208c074e11c2ef609076f231d4fb1d
-
SHA256
7f3d2460a288d4f648c4f1bd63c80f49a472234b6ffe51ca716ca8a62d7b5850
-
SHA512
6a11a4ff5f131246600ba60f43d0e809a621ead38335591d3828fb77cbdbc81c3dacfbf0890334064ad1cebc1c806b5e2d096ef9c279c51edf8e86977a7c1dc7
-
SSDEEP
1536:8P+SLabpk0BuqCXMg+sfs5vClOGw2g5VSzxAMRGb3rZp2LA9tFD/NkJdp:8P+SLa15Y18/sfs5vClOGw2g5VSzxAMn
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource sample
Files
-
eb3be3768139c64ea79fe30da76c17d1.xls windows office2003
Kangatang
ThisWorkbook