The sample appeared on September 6, 2019, and the sample analysis report was on September 16, 2019. The sample comes from the foreign sandbox app.any.run.
Sample information
FileName | FileType | FileSize | MD5 |
---|---|---|---|
Order____679873892.xls | RevengeRAT variant | 41,472 bytes | 7641fef8abc7cb24b66655d11ef3daf2 |
Sample behavior
After the sample is started, there will be a safety prompt to start the macro function.
After the macro is enabled, it prompts a runtime error, and the prompt title is Microsoft Visual Basic. From this, it can be inferred that a certain error occurred during the execution of the VB macro code.