Malicious
General
Structural Analysis
Config.0
Yara Rules54
Sync
Community
Infection Chain
Summary by MalvaGPT
Characteristics
Hash | Hash Value |
---|---|
MD5 | 8da1c339fb677cdad53363fc12789299
|
Sha1 | c62d1082694030f2d05eeca161dd84ab653ff00e
|
Sha256 | 4d20319debc98f9c10a0e4736f45d228bc81d15ec0c69bd400ef5ab57b24d804
|
Sha384 | cbd362fdb6409b5b1986ecb34052d377e0fbac37d85b7d6d0085fc68dbbc0a4f9ba8687fb330cfcdc1d3a6d17e51246d
|
Sha512 | da2bc333ed23cbe78aaf2aaae831a405c0a16b17b60c4975a151ee5526b625b0ebda555dd77d13a8b89732553cde4d35d7874d31829d7be0201a972e6b108ab9
|
SSDeep | 384:Y6R7KxfMAIT+pcHAv0H6vDZ1rK1jI5oQzh6cBvTS:JJoPpcQ1rK1nQYUG
|
TLSH | 6362BFA0CF0CA166D3AE633276719CD4F12DC100D7EAF99A613812E5E564D9B27135CF
|
File Structure
a_PURGED.docm
Office Document
Blacklist VBA
VBA Purging
ATT&CK T1564.007
Malicious
Malicious Document
DeObfuscated
VBScript
T1059.005
Obfuscated
Malicious
[Content_Types].xml
Xml
docProps
app.xml
Xml
core.xml
Xml
word
Malicious
document.xml
Xml
fontTable.xml
Xml
settings.xml
Xml
styles.xml
Xml
vbaData.xml
Xml
vbaProject.bin
Office Document
Malicious
.
Malicious
Root Entry
Malicious
VBA
Malicious
dir
ThisDocument
Blacklist VBA
VBA Macro
VBA Purging
ATT&CK T1564.007
Malicious
Malicious Document
Malicious
[Stored VBA]
Blacklist VBA
VBA Macro
Visual Basic
VBA Purging
ATT&CK T1564.007
Malicious
Malicious Document
DeObfuscated
VBScript
T1059.005
Obfuscated
Malicious
[Stored VBA].deobfuscated.vbs
DeObfuscated
VBScript
T1059.005
Malicious
_VBA_PROJECT
PROJECT
PROJECTwm
webSettings.xml
Xml
theme
theme1.xml
Xml
_rels
document.xml.rels
Xml
vbaProject.bin.rels
Xml
_rels
.rels
Xml
a_PURGED.docm (14.86 KB)
File Structure
a_PURGED.docm
Office Document
Blacklist VBA
VBA Purging
ATT&CK T1564.007
Malicious
Malicious Document
DeObfuscated
VBScript
T1059.005
Obfuscated
Malicious
[Content_Types].xml
Xml
docProps
app.xml
Xml
core.xml
Xml
word
Malicious
document.xml
Xml
fontTable.xml
Xml
settings.xml
Xml
styles.xml
Xml
vbaData.xml
Xml
vbaProject.bin
Office Document
Malicious
.
Malicious
Root Entry
Malicious
VBA
Malicious
dir
ThisDocument
Blacklist VBA
VBA Macro
VBA Purging
ATT&CK T1564.007
Malicious
Malicious Document
Malicious
[Stored VBA]
Blacklist VBA
VBA Macro
Visual Basic
VBA Purging
ATT&CK T1564.007
Malicious
Malicious Document
DeObfuscated
VBScript
T1059.005
Obfuscated
Malicious
[Stored VBA].deobfuscated.vbs
DeObfuscated
VBScript
T1059.005
Malicious
_VBA_PROJECT
PROJECT
PROJECTwm
webSettings.xml
Xml
theme
theme1.xml
Xml
_rels
document.xml.rels
Xml
vbaProject.bin.rels
Xml
_rels
.rels
Xml
Characteristics
vbaDNA - VBA Stomping & Purging Stategy detection
Module Name0 | ||
---|---|---|
ThisDocument | Blacklist VBA VBA Macro VBA Purging ATT&CK T1564.007 Malicious Malicious Document |
|
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.