Malicious Office Macros: Detecting Similarity in the Wild
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID eeb1745f-fdc8-4def-8a9f-b4da9bfaf908
Fingerprint 2461895189249bab
Analysis status DONE
Considered CTI value 2
Text language
Published Jan. 16, 2023, 10:34 a.m.
Added to db Jan. 16, 2023, 1:44 p.m.
Last updated Nov. 18, 2024, 2:36 a.m.
Headline Malicious Office Macros: Detecting Similarity in the Wild
Title Malicious Office Macros: Detecting Similarity in the Wild
Detected Hints/Tags/Attributes 33/2/15
Source URLs
Redirection Url
Details Source https://perception-point.io/blog/research/malicious-office-macros-detecting-similarity-in-the-wild/
URL Provider
Details Provider Source level domain
Details perception-point.io perception-point.io
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 192 Perception Point https://perception-point.io/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details File 312 
calc.exe
Details File 3 
ggg.exe
Details File 2 
blackstartup.txt
Details File 2 
nanapersonalstartthingup.txt
Details File 365 
console.log
Details sha1 2 
e79b393beb4b758a43d9b08b478c41cd905ee856
Details sha1 2 
ab58eafa868f754998dbff6351915010a5236304
Details sha256 3 
0005144ebb03d2f5a5b17e21362c628ddc1705e910cfd56032b7b55c932b68da
Details sha256 3 
20e2093192e7b7b96c067cd8f16cee4ccb51e8c10676050646877bc83dc34a27
Details sha256 3 
31e93f3226377174335eabda90bc771425043cf412dd91b257f1814be085c715
Details sha256 3 
6586c7399b24c4b29c2173ec47a733cab38abe3d175b47bbdd7188e3ab1dd0c3
Details sha256 3 
536eaf59d72519d5e1cc52e98e212fdf52855f1828d3326fcd22be5071b231a0
Details sha256 3 
b5f6912f1291dc26442e02bb2e79c7c13613a87d23ddf0c294c9d02b231aab70
Details Url 2 
https://bitbucket.org/!api/2.0/snippets/newwork123social/7qrz99/e79b393beb4b758a43d9b08b478c41cd905ee856/files/blackstartup.txt
Details Url 2 
https://bitbucket.org/!api/2.0/snippets/newwork123social/ner9xa/ab58eafa868f754998dbff6351915010a5236304/files/nanapersonalstartthingup.txt