Behavioral task
behavioral1
Sample
bip.poznan.pl_public_bip_attachments.att_co=show&&id=6335&instance=1044&lang=pl.xls
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
bip.poznan.pl_public_bip_attachments.att_co=show&&id=6335&instance=1044&lang=pl.xls
Resource
win10v2004-20230220-en
General
-
Target
bip.poznan.pl_public_bip_attachments.att_co=show&&id=6335&instance=1044&lang=pl.xls
-
Size
612KB
-
MD5
af32838cf4f2032d0fe0bd13a1920dc1
-
SHA1
aa6a94fef05db85b876636e82703fea8960e1d52
-
SHA256
dd09cf89a66d0420bf0eefd361a37cb11cecd8b181f8c7598db3f4a3ed5c0a01
-
SHA512
c966759bd1151072614dc074bd015c114e36a42b4e98ff1995593a7bd03383f24c92fdcc166f1a1d355c5e2ae3bad73c3db9c8fedf7586a4ebd1055b8e7513ce
-
SSDEEP
12288:Ma4RWKfJ84VUoiA7B4VWEH1y4HDjeBHua:yhGa4VWEH1y4HDj7a
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action
Files
-
bip.poznan.pl_public_bip_attachments.att_co=show&&id=6335&instance=1044&lang=pl.xls.xls windows office2003