Malicious
Malicious

a9235540208fa6a25614c24a59e19199

MS Office Document
|
MD5: a9235540208fa6a25614c24a59e19199
|
Size: 1.44 MB
|
application/vnd.ms-office

Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
a9235540208fa6a25614c24a59e19199
Sha1
7bb0d162bbaa462c516502d1db56818d24ad825f
Sha256
7ea4b307e84c8b32c0220eca13155a4cf66617241f96b8af26ce2db8115e3d53
Sha384
fc0095a1ea95ffbb44baea6e99f736d5d94ac0aa0a0b95901c4059665c869b1ae5379d051679f85ac960f460d184acdb
Sha512
7b6049e3dc466dbbe7b16a83c6aede58000f74f49e15d0aa7571424e15f555d61389ce0fb466d5aa65afefba00c25822760bc7900b4d7180cd423ed5d57fb87d
SSDeep
12288:t+8kLgmTS9halC5HxXnSBRUnm9vbOTNEIM0Uy5bR1MAES3ip1aSuF6nxv9gpeFn6:BmTS9SCTAf9vbOpEr2hF6
TLSH
2A65BF7BCEABADBDFDAC3CB498002DC81E5C2D4705548016AF8835BEA7F8964CD19971
File Structure
a9235540208fa6a25614c24a59e19199
Malicious
[Base64-Block @0x0005921C]
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.idata
.00cfg
_RDATA
.fptable
_guard_c
_guard_d
.rsrc
.reloc
Resources
RT_MANIFEST
ID:0001
ID:1033
[Repaired @0x0004DA76]
Malicious
Root Entry
Malicious
1Table
Malicious
[Repaired @0x00001076]
Malicious
[Content_Types].xml
_rels
.rels
theme
theme
themeManager.xml
theme1.xml
_rels
themeManager.xml.rels
CompObj
WordDocument
SummaryInformation
DocumentSummaryInformation
Macros
PROJECT
PROJECTwm
VBA
dir
Module1
[Stored VBA]
Malicious
[PCode]
[Decompiled VBA]
Malicious
UserForm1
[Stored VBA]
Malicious
[PCode]
[Decompiled VBA]
Malicious
ThisDocument
[Stored VBA]
[PCode]
[Decompiled VBA]
_VBA_PROJECT
UserForm1
f
o
CompObj
VBFrame
Artefacts
Name
 Value
URLs in VB Code - #1

http://schemas.openxmlformats.org/drawingml/2006/main
URLs in VB Code - #1

http://schemas.openxmlformats.org/drawingml/2006/main
a9235540208fa6a25614c24a59e19199 (1.44 MB)
File Structure
a9235540208fa6a25614c24a59e19199
Malicious
[Base64-Block @0x0005921C]
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.idata
.00cfg
_RDATA
.fptable
_guard_c
_guard_d
.rsrc
.reloc
Resources
RT_MANIFEST
ID:0001
ID:1033
[Repaired @0x0004DA76]
Malicious
Root Entry
Malicious
1Table
Malicious
[Repaired @0x00001076]
Malicious
[Content_Types].xml
_rels
.rels
theme
theme
themeManager.xml
theme1.xml
_rels
themeManager.xml.rels
CompObj
WordDocument
SummaryInformation
DocumentSummaryInformation
Macros
PROJECT
PROJECTwm
VBA
dir
Module1
[Stored VBA]
Malicious
[PCode]
[Decompiled VBA]
Malicious
UserForm1
[Stored VBA]
Malicious
[PCode]
[Decompiled VBA]
Malicious
ThisDocument
[Stored VBA]
[PCode]
[Decompiled VBA]
_VBA_PROJECT
UserForm1
f
o
CompObj
VBFrame
Characteristics

vbaDNA - VBA Stomping & Purging Stategy detection

Module Name
Module1
VBA Macro
UserForm1
VBA Macro
ThisDocument
Blacklist VBA
VBA Macro
No malware configuration were found at this point.
Artefacts
Name
 Value Location
URLs in VB Code - #1

http://schemas.openxmlformats.org/drawingml/2006/main

a9235540208fa6a25614c24a59e19199
URLs in VB Code - #1

http://schemas.openxmlformats.org/drawingml/2006/main

a9235540208fa6a25614c24a59e19199 > [Repaired @0x0004DA76]
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙