General
Structural Analysis
Config.0
Yara Rules34
Sync
Community
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | fc26ffd9eff9d6a9703501a03a6b430a
|
| Sha1 | 78e6d93860fdaf2fa703519376ad0830a55138bd
|
| Sha256 | 7acbde4bafa9657b6ffd3cc114dfa603efb6f93a72df33d5ff135f4db385a7cb
|
| Sha384 | 4a9a129bfb9c9b6e2f5373a2c10239556019002ac65e9d0992fd2e2e31ee394bb2f499edb765090b80f938830b6c2da3
|
| Sha512 | 006fc00597c36078348993c83e045e5e7ce295ae1f6c2a7035226dff2fc555556cde458b4b5311e6b86ec932fb976c040fb042ef75b0be65601a4196581c2c80
|
| SSDeep | 192:HpeuyMavlfm7T4ex99cF+WFigYagjOoBmj4LENaj1I:H4u5qle7/cgHag3I3Naq
|
| TLSH | 5142AF4AE12B541CC379107658394EEBF13C64C5234AF8CFAA485279BD11A8317CF6EE
|
File Structure
fc26ffd9eff9d6a9703501a03a6b430a
Malicious
[Content_Types].xml
_rels
.rels
xl
workbook.xml
_rels
workbook.xml.rels
worksheets
sheet1.xml
theme
theme1.xml
styles.xml
vbaProject.bin
Root Entry
PROJECT
PROJECTwm
VBA
dir
Module1
Module1
[Stored VBA]
Malicious
[Stored VBA].deobfuscated.vbs
[Base64-Block]
[Base64-Block]
[Base64-Block]
[Base64-Block]
[Base64-Block]
[Base64-Block]
_VBA_PROJECT
fc26ffd9eff9d6a9703501a03a6b430a (12.92 KB)
File Structure
fc26ffd9eff9d6a9703501a03a6b430a
Malicious
[Content_Types].xml
_rels
.rels
xl
workbook.xml
_rels
workbook.xml.rels
worksheets
sheet1.xml
theme
theme1.xml
styles.xml
vbaProject.bin
Root Entry
PROJECT
PROJECTwm
VBA
dir
Module1
Module1
[Stored VBA]
Malicious
[Stored VBA].deobfuscated.vbs
[Base64-Block]
[Base64-Block]
[Base64-Block]
[Base64-Block]
[Base64-Block]
[Base64-Block]
_VBA_PROJECT
Characteristics
vbaDNA - VBA Stomping & Purging Stategy detection
|
Module Name0 | ||
|---|---|---|
| Module1 | VBA Macro |
|
| ThisWorkbook | Blacklist VBA VBA Macro |
|
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.