Overview

overview

8

Static

static

8

index.html

windows7-x64

1

index.html

windows10-2004-x64

1

rRlf.01.html

windows7-x64

1

rRlf.01.html

windows10-2004-x64

1

rRlf.02.html

windows7-x64

1

rRlf.02.html

windows10-2004-x64

1

rRlf.03.html

windows7-x64

1

rRlf.03.html

windows10-2004-x64

1

rRlf.04.html

windows7-x64

1

rRlf.04.html

windows10-2004-x64

1

rRlf.05.html

windows7-x64

1

rRlf.05.html

windows10-2004-x64

1

rRlf.06.html

windows7-x64

1

rRlf.06.html

windows10-2004-x64

1

rRlf.07.html

windows7-x64

1

rRlf.07.html

windows10-2004-x64

1

rRlf.08.html

windows7-x64

1

rRlf.08.html

windows10-2004-x64

1

rRlf.09.html

windows7-x64

1

rRlf.09.html

windows10-2004-x64

1

rRlf.10.html

windows7-x64

1

rRlf.10.html

windows10-2004-x64

1

rRlf.11.html

windows7-x64

1

rRlf.11.html

windows10-2004-x64

1

rRlf.12.html

windows7-x64

1

rRlf.12.html

windows10-2004-x64

1

Batch Rand....3.bat

windows7-x64

1

Batch Rand....3.bat

windows10-2004-x64

1

rRlf.13.html

windows7-x64

1

rRlf.13.html

windows10-2004-x64

1

JS.Cassandra.js

windows7-x64

1

JS.Cassandra.js

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    521f7865a11cba010aadb49759a31470

  • Size

    2.7MB

  • MD5

    521f7865a11cba010aadb49759a31470

  • SHA1

    4a3794da629cea77f8d714282869b75dfdf5cc6f

  • SHA256

    19d28cddb0452d03284732451152b8134881ddb091d5b0329986e64106fef0de

  • SHA512

    2f3eaa3f0693138bc670a5a79bacc239fbb9ab84976a0628ae949c5313153d12c79e925591ee0822a07cabf5fa6d8245433d0d56655633d008df62c4696c5c16

  • SSDEEP

    49152:CjpQtSWMPwezKr5WKbJWwYUHTYCCVHQMWPW+9FzT/NCcWfBPWIMTXCmulrqIB:CjpQVM48gKiCVwMp+9FzTGfrFqIB

Score
8/10
macro

Malware Config

Signatures

  • Suspicious Office macro 1 IoCs

    Office document equipped with macros.

    macro

Files

  • 521f7865a11cba010aadb49759a31470
    .zip
  • FILE_ID.DIZ
  • background.jpg
    .jpg
  • index.html
    .html
  • logo.jpg
    .jpg
  • rRlf.01.html
    .html
  • rRlf.02.html
    .html
  • rRlf.03.html
    .html
  • rRlf.04.html
    .html
  • rRlf.05.html
    .html
  • rRlf.05.zip
    .zip
  • PHP.RainBow.php
  • rRlf.06.html
    .html
  • rRlf.06.jpg
    .jpg
  • rRlf.07.html
    .html
  • rRlf.07.zip
    .zip
  • php.faces.php
  • rRlf.08.html
    .html .js polyglot
  • rRlf.09.html
    .html
  • rRlf.09.jpg
    .jpg
  • rRlf.10.html
    .html .vbs polyglot
  • rRlf.11.html
    .html
  • rRlf.12.html
    .html
  • rRlf.12.zip
    .zip
  • Batch Random Number Generator v2.3.bat
  • rRlf.13.html
    .html .js polyglot
  • rRlf.13.zip
    .zip
  • JS.Cassandra.js
    .js
  • rRlf.14.html
    .html .vbs polyglot
  • rRlf.15.html
    .html
  • rRlf.15.jpg
    .jpg
  • rRlf.16.html
    .html
  • rRlf.16.jpg
    .jpg
  • rRlf.17.html
    .html .js polyglot
  • rRlf.18.html
    .html .vbs polyglot
  • rRlf.18.zip
    .zip
  • frmMain.frm
    .vbs
  • frmMain.frx
  • modControl.bas
    .vbs
  • modInet.bas
    .vbs
  • prjMain.vbp
  • prjMain.vbw
  • rRlf.19.html
    .html
  • rRlf.19.zip
    .zip
  • bat.phanthom.bat
  • rRlf.20.html
    .html
  • rRlf.20.jpg
    .jpg
  • rRlf.21.html
    .html .vbs polyglot
  • rRlf.21.zip
    .zip
  • turmoil.doc
    .doc windows office2003

    ThisDocument

  • rRlf.22.html
    .html
  • rRlf.23.html
    .html
  • rRlf.23.jpg
    .jpg
  • rRlf.24.html
    .html .js polyglot
  • rRlf.25.html
    .html .js polyglot
  • rRlf.25.zip
    .zip
  • kjp.js
    .js
  • rRlf.26.html
    .html .vbs polyglot
  • rRlf.26.zip
    .zip
  • rRlf.27.html
    .html
  • rRlf.27.jpg
    .jpg
  • rRlf.28.html
    .html
  • rRlf.29.html
    .html .vbs polyglot
  • rRlf.29.zip
    .zip
  • rRlf.30.html
    .html
  • rRlf.30.jpg
    .jpg
  • rRlf.31.html
    .html .js polyglot
  • rRlf.31.zip
    .zip
  • rRlf.32.html
    .html
  • rRlf.32.jpg
    .jpg
  • rRlf.33.html
    .html .vbs polyglot
  • rRlf.33.zip
    .zip
  • rRlf.34.html
    .html
  • rRlf.34.jpg
    .jpg
  • rRlf.35.html
    .html
  • rRlf.36.html
    .html .js polyglot
  • rRlf.37.html
    .html
  • rRlf.37.jpg
    .jpg
  • rRlf.38.html
    .html .vbs polyglot
  • rRlf.38.zip
    .zip
  • rRlf.39.html
    .html
  • rRlf.39.jpg
    .jpg
  • rRlf.40.html
    .html
  • rRlf.40.zip
    .zip
  • rRlf.41.html
    .html
  • rRlf.41.jpg
    .jpg
  • rRlf.42.html
    .html
  • rRlf.42.zip
    .zip
  • rRlf.43.html
    .html
  • rRlf.43.jpg
    .jpg
  • rRlf.44.html
    .html .vbs polyglot
  • rRlf.45.html
    .html .vbs polyglot
  • rRlf.451.zip
    .zip
  • rRlf.452.zip
    .zip
  • rRlf.46.html
    .html
  • rRlf.46.jpg
    .jpg
  • rRlf.47.html
    .html .vbs polyglot
  • rRlf.47.zip
    .zip
  • rRlf.48.html
    .html
  • rRlf.48.jpg
    .jpg
  • rRlf.49.html
    .html .ps1 polyglot
  • rRlf.49.zip
    .zip
  • rRlf.50.html
    .html .vbs polyglot
  • rRlf.51.html
    .html
  • rRlf.52.html
    .html .vbs polyglot
  • rRlf.52.zip
    .zip
  • rRlf.53.html
    .html
  • rRlf.54.html
    .html
  • rRlf.54.zip
    .zip
  • rRlf.55.html
    .html
  • rRlf.55.jpg
    .jpg
  • rRlf.56.html
    .html
  • rRlf.57.html
    .html
  • title.jpg
    .jpg