Malicious
General
Structural Analysis
Config.0
Yara Rules1
Sync
Community
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | a7577c20087cd33d9863a6b23c76e025
|
| Sha1 | d05697982159623c9721a121b589e18b1d0de393
|
| Sha256 | fe43a95ba28c47da676746f127d6d46514d150e723e07948c8b482b57d18eaec
|
| Sha384 | 560a2b3b2e286b59266bde30a69f969739aee34f4a75a6a9b699f3e0618e7a8b5621ad19eca9a6f96af759abbaad2174
|
| Sha512 | 4e089b93e9b0e27c72a007e7178c1c9adaa56b3340b0a39af74823bbaeac41fde1f18eafc260d1bb2fc15cc852b3dace78bc2a03fd4dbf4949de34667cc4e08d
|
| SSDeep | 384:94VpNulcwLoMF/MRi5HX64KgjH85Es5+XmZXHZrLFgFu/Yv:M/9aoC/MEHLX785EINgIAv
|
| TLSH | F1A2D0BED27FA41B807B5D6A8FB4453901F473B7808FAC8355828EB883ECB552F91149
|
File Structure
Opticsense New Order.doc.zip
Zip Archive
VBA Stomping
ATT&CK T1564.007
Malicious
Malicious Document
DeObfuscated
VBScript
Obfuscated
Malicious
Opticsense New Order.doc.bin
Archive Entry
Office Document
VBA Stomping
ATT&CK T1564.007
Malicious
Malicious Document
DeObfuscated
VBScript
Obfuscated
Malicious
[Content_Types].xml
Xml
docProps
app.xml
Xml
core.xml
Xml
word
Malicious
document.xml
Xml
fontTable.xml
Xml
settings.xml
Xml
styles.xml
Xml
vbaData.xml
Xml
vbaProject.bin
Office Document
VBA Stomping
ATT&CK T1564.007
Malicious
Malicious Document
Malicious
.
Malicious
Root Entry
Malicious
VBA
Malicious
dir
Module1
VBA Stomping
ATT&CK T1564.007
Malicious
Malicious Document
VBA Macro
Malicious
[Stored VBA]
VBA Stomping
ATT&CK T1564.007
Malicious
Malicious Document
VBA Macro
Visual Basic
Malicious
[PCode]
VBA Stomping
ATT&CK T1564.007
Malicious
Malicious Document
VBA Macro
VBA P-Code
Disassembly
Malicious
[Decompiled VBA]
VBA Stomping
ATT&CK T1564.007
Malicious
Malicious Document
VBA Macro
Visual Basic
Decompiled
DeObfuscated
VBScript
Obfuscated
Malicious
[Decompiled VBA].deobfuscated.vbs
DeObfuscated
VBScript
Malicious
[Full Diff]
VBA Stomping
ATT&CK T1564.007
Malicious
Malicious Document
VBA Macro
Visual Basic
Malicious
__SRP_0
__SRP_1
__SRP_2
__SRP_3
_VBA_PROJECT
PROJECT
PROJECTwm
webSettings.xml
Xml
media
image1.jpeg
image1.jpeg-preview.png
theme
theme1.xml
Xml
_rels
document.xml.rels
Xml
vbaProject.bin.rels
Xml
_rels
.rels
Xml
Opticsense New Order.doc.zip (21.88 KB)
File Structure
Opticsense New Order.doc.zip
Zip Archive
VBA Stomping
ATT&CK T1564.007
Malicious
Malicious Document
DeObfuscated
VBScript
Obfuscated
Malicious
Opticsense New Order.doc.bin
Archive Entry
Office Document
VBA Stomping
ATT&CK T1564.007
Malicious
Malicious Document
DeObfuscated
VBScript
Obfuscated
Malicious
[Content_Types].xml
Xml
docProps
app.xml
Xml
core.xml
Xml
word
Malicious
document.xml
Xml
fontTable.xml
Xml
settings.xml
Xml
styles.xml
Xml
vbaData.xml
Xml
vbaProject.bin
Office Document
VBA Stomping
ATT&CK T1564.007
Malicious
Malicious Document
Malicious
.
Malicious
Root Entry
Malicious
VBA
Malicious
dir
Module1
VBA Stomping
ATT&CK T1564.007
Malicious
Malicious Document
VBA Macro
Malicious
[Stored VBA]
VBA Stomping
ATT&CK T1564.007
Malicious
Malicious Document
VBA Macro
Visual Basic
Malicious
[PCode]
VBA Stomping
ATT&CK T1564.007
Malicious
Malicious Document
VBA Macro
VBA P-Code
Disassembly
Malicious
[Decompiled VBA]
VBA Stomping
ATT&CK T1564.007
Malicious
Malicious Document
VBA Macro
Visual Basic
Decompiled
DeObfuscated
VBScript
Obfuscated
Malicious
[Decompiled VBA].deobfuscated.vbs
DeObfuscated
VBScript
Malicious
[Full Diff]
VBA Stomping
ATT&CK T1564.007
Malicious
Malicious Document
VBA Macro
Visual Basic
Malicious
__SRP_0
__SRP_1
__SRP_2
__SRP_3
_VBA_PROJECT
PROJECT
PROJECTwm
webSettings.xml
Xml
media
image1.jpeg
image1.jpeg-preview.png
theme
theme1.xml
Xml
_rels
document.xml.rels
Xml
vbaProject.bin.rels
Xml
_rels
.rels
Xml
Characteristics
vbaDNA - VBA Stomping & Purging Stategy detection
|
Module Name0 | ||
|---|---|---|
| Module1 | VBA Stomping ATT&CK T1564.007 Malicious Malicious Document VBA Macro |
|
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.