Fake order delivering AveMaria stealer with difficult office doc

I had a bit of  a problem trying to analyse this malware today. The word doc looks pretty average at first glance, but trying to run it in Anyrun  on a W7 32 or 64 bit version of windows. gave me VBA errors. It also wouldn’t run on 64 bit versions of W8.1 or W10, giving the same VBA errors  I then tried to upload to IRIS-H analysis where it crashed. It wouldn’t even upload to Hybrid analysis using either 32 bit W7 or 64 bit. I think Anyrun uses Office 2010 on W7 and Office 2013 on W8.1. I … Continue reading →

Article Link: https://myonlinesecurity.co.uk/fake-order-delivering-avemaria-stealer-with-difficult-office-doc/