Behavioral task
behavioral1
Sample
2019x64_excel_msgbox_stomped_fakecode.xls
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
2019x64_excel_msgbox_stomped_fakecode.xls
Resource
win10v2004-20230221-en
General
-
Target
2019x64_excel_msgbox_stomped_fakecode.xls
-
Size
30KB
-
MD5
47929954dfcc2fd50f4e96ae2f5503e1
-
SHA1
b9f13604f8295675ac255859999f1b4b7ffac9f2
-
SHA256
09710e25c10decb0daa8399d71b46a1517555a891e6af3d09113dcd6dd41fc8b
-
SHA512
87812d8433d9fce9bcc1a948c2541015dcd4057c285ad87aebd83a7ef19be169a08ac6937d546d5bcbfcca3a17a3012d7931c929c6b137d3f0f98080b590f99f
-
SSDEEP
768:RP1k3hbdlylKsgqopeJBWhZFGkE+cL2NdAJWWN1J69GcCPy19S:Z1k3hbdlylKsgqopeJBWhZFGkE+cL2N0
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource sample
Files
-
2019x64_excel_msgbox_stomped_fakecode.xls.xls windows office2003
ThisWorkbook
Sheet1