Malicious Office Macros: Detecting Similarity in the Wild | Perception Point
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Powershell - T1086 |
Common Information
| Type | Value |
|---|---|
| UUID | 1b7a2310-d327-4fcf-ad0b-f83d78c4e33f |
| Fingerprint | 24e1895109a493ab |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Jan. 17, 2023, 12:07 p.m. |
| Added to db | March 6, 2023, 8:53 p.m. |
| Last updated | Nov. 18, 2024, 1:38 a.m. |
| Headline | Malicious Office Macros: Detecting Similarity in the Wild |
| Title | Malicious Office Macros: Detecting Similarity in the Wild | Perception Point |
| Detected Hints/Tags/Attributes | 37/2/21 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 192 | ✔ | Perception Point | https://perception-point.io/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 15 | objshell.run |
|
| Details | Domain | 74 | adodb.stream |
|
| Details | Domain | 1 | cbinarystream.open |
|
| Details | Domain | 6 | binarystream.open |
|
| Details | File | 312 | calc.exe |
|
| Details | File | 3 | ggg.exe |
|
| Details | File | 2 | blackstartup.txt |
|
| Details | File | 2 | nanapersonalstartthingup.txt |
|
| Details | File | 2127 | cmd.exe |
|
| Details | File | 46 | microsoft.xml |
|
| Details | File | 4 | el.dat |
|
| Details | sha1 | 2 | e79b393beb4b758a43d9b08b478c41cd905ee856 |
|
| Details | sha1 | 2 | ab58eafa868f754998dbff6351915010a5236304 |
|
| Details | sha256 | 3 | 0005144ebb03d2f5a5b17e21362c628ddc1705e910cfd56032b7b55c932b68da |
|
| Details | sha256 | 3 | 20e2093192e7b7b96c067cd8f16cee4ccb51e8c10676050646877bc83dc34a27 |
|
| Details | sha256 | 3 | 31e93f3226377174335eabda90bc771425043cf412dd91b257f1814be085c715 |
|
| Details | sha256 | 3 | 6586c7399b24c4b29c2173ec47a733cab38abe3d175b47bbdd7188e3ab1dd0c3 |
|
| Details | sha256 | 3 | 536eaf59d72519d5e1cc52e98e212fdf52855f1828d3326fcd22be5071b231a0 |
|
| Details | sha256 | 3 | b5f6912f1291dc26442e02bb2e79c7c13613a87d23ddf0c294c9d02b231aab70 |
|
| Details | Url | 2 | https://bitbucket.org/!api/2.0/snippets/newwork123social/7qrz99/e79b393beb4b758a43d9b08b478c41cd905ee856/files/blackstartup.txt |
|
| Details | Url | 2 | https://bitbucket.org/!api/2.0/snippets/newwork123social/ner9xa/ab58eafa868f754998dbff6351915010a5236304/files/nanapersonalstartthingup.txt |