Behavioral task
behavioral1
Sample
3f85113ecdfd330a8e48b107e05adae4.xls
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
3f85113ecdfd330a8e48b107e05adae4.xls
Resource
win10v2004-20220812-en
General
-
Target
3f85113ecdfd330a8e48b107e05adae4
-
Size
666KB
-
MD5
3f85113ecdfd330a8e48b107e05adae4
-
SHA1
704fbae3713cd8bb01116cd6159f2eff026f1f25
-
SHA256
3b2f4e5851c83f8dc193fc25c65b1f45ac5ad20b4c1aceb7ee95baf2469401e6
-
SHA512
4ec910ca57dd03cca89a9d57e68d43fb7e55afb38ec1879bb848997e73a45e189b2cc480c7e6a082736f253b4d78fc95344b0931dfe2ab17e8538c9b7b0850dd
-
SSDEEP
6144:8MDAUGfS7j40srblivj9Lz5y7pl2jwiOZLXyVTRuJRbCgUg71Z7yDIfX/VBUR+QY:/O9Wk5Z7+l61kkBkkkkIkkq1kkkkb
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource sample
Files
-
3f85113ecdfd330a8e48b107e05adae4.xls windows office2003
Kangatang