Behavioral task
behavioral1
Sample
8a3412c059d2f34ea567e3cb05a476df9a8d96bdb8931239a9074944da0e6d4a.vbs
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
8a3412c059d2f34ea567e3cb05a476df9a8d96bdb8931239a9074944da0e6d4a.vbs
Resource
win10v2004-20240226-en
General
-
Target
8a3412c059d2f34ea567e3cb05a476df9a8d96bdb8931239a9074944da0e6d4a
-
Size
1.4MB
-
MD5
8e6e89e29a2c3dddbb2814250228282e
-
SHA1
a45e45a9157d0c963b039ba4c612b1090eec2e2c
-
SHA256
8a3412c059d2f34ea567e3cb05a476df9a8d96bdb8931239a9074944da0e6d4a
-
SHA512
840b3efea4848248987098f71eac7f539fa3e2b7cfdae50dfbed8e79bb56bc157a0cb0b857b7d85cf569715f258de3e8ce1f9b025dffa8da2d89fd77b8b7c44b
-
SSDEEP
24576:pG0jA9HdB5mUHwoFWdNQd9QajvvP+5gwxhTuN:redB8oId+d9Qs
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
resource yara_rule sample office_macro_on_action -
resource sample
Files
-
8a3412c059d2f34ea567e3cb05a476df9a8d96bdb8931239a9074944da0e6d4a.doc .vbs windows office2003 polyglot
frmData
modLoadPictureGDI
FormFunctions
Info
Lib
modClipboard
modCopyChart
modDocument
frmHyperlinks
modOpenFileDialogAPI
modPresentation
modtickerTAble
modScreenUpdating
modValRisks
XMLAPIs
DocProperty
rxRibbon
PPTDisclosure
ppClass
frmTickerTable
modPublic
modExhibits
modAPI
modPresentationXML
modScreenUpdate
modExplorer