Characteristics
| Hash | Hash Value |
|---|---|
| MD5 | a9235540208fa6a25614c24a59e19199 |
| Sha1 | 7bb0d162bbaa462c516502d1db56818d24ad825f |
| Sha256 | 7ea4b307e84c8b32c0220eca13155a4cf66617241f96b8af26ce2db8115e3d53 |
| Sha384 | fc0095a1ea95ffbb44baea6e99f736d5d94ac0aa0a0b95901c4059665c869b1ae5379d051679f85ac960f460d184acdb |
| Sha512 | 7b6049e3dc466dbbe7b16a83c6aede58000f74f49e15d0aa7571424e15f555d61389ce0fb466d5aa65afefba00c25822760bc7900b4d7180cd423ed5d57fb87d |
| SSDeep | 12288:t+8kLgmTS9halC5HxXnSBRUnm9vbOTNEIM0Uy5bR1MAES3ip1aSuF6nxv9gpeFn6:BmTS9SCTAf9vbOpEr2hF6 |
| TLSH | 2A65BF7BCEABADBDFDAC3CB498002DC81E5C2D4705548016AF8835BEA7F8964CD19971 |
File Structure
a9235540208fa6a25614c24a59e19199
Malicious
[Base64-Block @0x0005921C]
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.idata
.00cfg
_RDATA
.fptable
_guard_c
_guard_d
.rsrc
.reloc
Resources
RT_MANIFEST
ID:0001
ID:1033
[Repaired @0x0004DA76]
Malicious
Root Entry
Malicious
CompObj
WordDocument
SummaryInformation
DocumentSummaryInformation
Macros
PROJECT
PROJECTwm
VBA
dir
Module1
UserForm1
_VBA_PROJECT
UserForm1
Artefacts
| Name | Value |
|---|---|
| URLs in VB Code - #1 | http://schemas.openxmlformats.org/drawingml/2006/main |
| URLs in VB Code - #1 | http://schemas.openxmlformats.org/drawingml/2006/main |
a9235540208fa6a25614c24a59e19199 (1.44 MB)
Characteristics
vbaDNA - VBA Stomping & Purging Strategy detection
| Module Name | | |
|---|---|---|
| Module1 | VBA Macro | |
| UserForm1 | VBA Macro | |
| ThisDocument | Blacklist VBA VBA Macro | |
No malware configuration was found at this point.
Artefacts
| Name | Value | Location |
|---|---|---|
| URLs in VB Code - #1 | http://schemas.openxmlformats.org/drawingml/2006/main | a9235540208fa6a25614c24a59e19199 |
| URLs in VB Code - #1 | http://schemas.openxmlformats.org/drawingml/2006/main | a9235540208fa6a25614c24a59e19199 > [Repaired @0x0004DA76] |