Overview

overview

10

Static

static

8

11.20计�...��.xls

windows7-x64

10

11.20计�...��.xls

windows10-2004-x64

1

11.20计�...�2.xls

windows7-x64

10

11.20计�...�2.xls

windows10-2004-x64

10

11.20计�...�1.xls

windows7-x64

10

11.20计�...�1.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    405423424e9bc8ee54d7d4ae9d07f9cb_JaffaCakes118

  • Size

    118KB

  • MD5

    405423424e9bc8ee54d7d4ae9d07f9cb

  • SHA1

    7f875400026f183570d30252cd742ee9330c9713

  • SHA256

    84c877324d21c0bea9ebe23c2172733fc6d6966f65c56b07885bdfef99c9d502

  • SHA512

    fa37204d0126a5c3407b6cdefbfb0293763d195dc5c6b78c5fae1fc4b652020435675ad1faa4befe144027427a54b98faca557795642cc3f81bb1b7146dffc95

  • SSDEEP

    3072:pUvc5pHmQjmRqHjPqBvJO/amA+RIWZEF397W/2TgO1CugwT:/59ROcsD+RXiF97ZQ5Q

Score
8/10
macroxlm

Malware Config

Signatures

  • Suspicious Office macro 3 IoCs

    Office document equipped with 4.0 macros.

    macroxlm

Files

  • 405423424e9bc8ee54d7d4ae9d07f9cb_JaffaCakes118
    .rar
  • 11.20计划分配/11.20.水泥经营紧急计划.xls
    .xls .vbs windows office2003 polyglot
  • 11.20计划分配/11.20.锦源经营紧急计划2.xls
    .xls windows office2003
  • 11.20计划分配/11.20锦源经营紧急计划1.xls
    .xls .vbs windows office2003 polyglot