Behavioral task
behavioral1
Sample
SP_Richiesta.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
SP_Richiesta.doc
Resource
win10v2004-20240419-en
General
-
Target
05db58ff80dc4c4c5a900731ee9fae94_JaffaCakes118
-
Size
330KB
-
MD5
05db58ff80dc4c4c5a900731ee9fae94
-
SHA1
8c20ca9ca8823ca075469b3ba277e4124d5561c2
-
SHA256
b2650ed8736f9951baa9fe5672ad2e95adda2bdb9bb0696bd4bdf7edea6a8393
-
SHA512
f349c3bb669b398261921f512dc9c8ea613ec4436e6225f68d681ac29b140b756c14eec2c2f09c255c9bb3a666632c3bedcbcc23ae90357583db55bb20b4dfb2
-
SSDEEP
3072:8IMb5VTn/iKFBr5Iwe43ntvTOakWLnepOIH6EQD81ZLVgYgFlZDE4Gz:8VT/iQBr5Iw/FkWVIHv9ZLVgpbZw9z
Malware Config
Signatures
-
Office macro that triggers on suspicious action 2 IoCs
Office document macro which triggers in special circumstances - often malicious.
resource yara_rule sample office_macro_on_action static1/unpack001/SP_Richiesta.doc office_macro_on_action -
resource static1/unpack001/SP_Richiesta.doc
Files
-
05db58ff80dc4c4c5a900731ee9fae94_JaffaCakes118.msg
-
http://bgt.it.gt.com
-
http://ca-indosuez.lu
-
http://spadapartners.it
-
http://www.bgt-grantthornton.it
-
http://www.bgt-grantthornton.it/disclaimer
-
http://www.bgt-grantthornton.it/privacy
-
http://www.ca-indosuez.com
-
http://www.spadapartners.it
-
https://www.ca-indosuez.com
-
-
SP_Richiesta.doc.doc windows office2003
ThisDocument
oHFEvbikB
lkNamNUPTziDQk
bMwEuzjnnm
TLnptJMDwErjd
-
image001.jpg.jpg
-
image002.jpg.jpg
-
image003.png.png
-
image004.png.png
-
image005.jpg.jpg
-
image006.gif.gif