Malware Analysis – Microsoft Word (VBA Macro Downloader using PowerShell)

1) Sample Details:

MD5 – 5ab2c99e5b4673494c2b37da10442bc3
SHA-1 – 00d379f6e1d040a185f7c7d678879360a1570b47
SHA-256 – 05e1e27194872ea82491a474afd2273bdad56e2b61172453ef3e771be6965c82

    $ file PT798800-TT000768-11.doc
    PT798800-TT000768-11.doc: Microsoft Word 2007+

2) Right away we see the suggestion to enable macros and a “100% Virus Satisfaction Guaranteed Seal” with a check mark next to ‘No Download’ (seems legit :p).

3) There was a lot of junk code like […]