ebdfe5e4c64999b84938ecf20729fd2268bd9f5164c7c4b005a5be9967233e3b | Triage

Submit
Reports

Overview

overview

9

Static

static

1

ebdfe5e4c6...b.docm

windows7-x64

4

ebdfe5e4c6...b.docm

windows10-2004-x64

9

Sharing

General

Target

ebdfe5e4c64999b84938ecf20729fd2268bd9f5164c7c4b005a5be9967233e3b.docm
Size

1.4MB
Sample

230825-khw45abh4y
MD5

fc9877d2d8fbf7a8187ea1320d51ea96
SHA1

fd9f6c04006b95e8a957eb74edac2a92b5b94540
SHA256

ebdfe5e4c64999b84938ecf20729fd2268bd9f5164c7c4b005a5be9967233e3b
SHA512

0c7b2949e98198a5f44438cbbf842025389bcf1c09c506a1b366b6b47811ebe6ff6f21a97e0e558cac8708431965ca10ba2bfe3834ebc82919795fc338d79a39
SSDEEP

24576:XvcJIGbGIILv0MPcSORDkEoXeikaJWlvC1yqYz6lH2JqRKBv5uZuEj:QG/rdPcSORQEIeYWl61/Y1JqRovsZuEj

Score

9^/10

coreentity macro macro_on_action

Static task

static1

Behavioral task

behavioral1

Sample

ebdfe5e4c64999b84938ecf20729fd2268bd9f5164c7c4b005a5be9967233e3b.docm

Resource

win7-20230824-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

ebdfe5e4c64999b84938ecf20729fd2268bd9f5164c7c4b005a5be9967233e3b.docm

Resource

win10v2004-20230703-en

coreentity macro macro_on_action

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  ebdfe5e4c64999b84938ecf20729fd2268bd9f5164c7c4b005a5be9967233e3b.docm
- Size
  
  1.4MB
- MD5
  
  fc9877d2d8fbf7a8187ea1320d51ea96
- SHA1
  
  fd9f6c04006b95e8a957eb74edac2a92b5b94540
- SHA256
  
  ebdfe5e4c64999b84938ecf20729fd2268bd9f5164c7c4b005a5be9967233e3b
- SHA512
  
  0c7b2949e98198a5f44438cbbf842025389bcf1c09c506a1b366b6b47811ebe6ff6f21a97e0e558cac8708431965ca10ba2bfe3834ebc82919795fc338d79a39
- SSDEEP
  
  24576:XvcJIGbGIILv0MPcSORDkEoXeikaJWlvC1yqYz6lH2JqRKBv5uZuEj:QG/rdPcSORQEIeYWl61/Y1JqRovsZuEj
Score

9^/10

coreentity macro macro_on_action
- CoreEntity .NET Packer
  A .NET packer called CoreEntity where it has embedded the payload as a BitMap object which is later decrypted.
  coreentity
- Office macro that triggers on suspicious action
  Office document macro which triggers in special circumstances - often malicious.
  macro macro_on_action
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

coreentitymacromacro_on_action

© 2018-2024

Terms | Privacy