Static task
static1
Behavioral task
behavioral1
Sample
5e84efe4d51ed6e3de4aca32ec599edaf9fd1a2ff1a45dae5d471a53fd121e3e.doc
Resource
win7v200722
windows7_x64
0 signatures
0 seconds
General
-
Target
5e84efe4d51ed6e3de4aca32ec599edaf9fd1a2ff1a45dae5d471a53fd121e3e
-
Size
626KB
-
MD5
a467bac7d7378da7295f169cfb194d0b
-
SHA1
d3b627b91d7ec434849c0311d92ba890650b0bee
-
SHA256
f765f3f4cac62396a00b1a1b5e39f00213d51bd3e816213c7a19784e98630577
-
SHA512
f9bfd01f00008bb57107b7c782517cbf3f84edc56d1d6a7bc6c8053db4d2415fda2f0a661f6368160f4535424fcd2ae9f1c6cc45bca8a670c8954547a089a35c
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule static1/unpack001/5e84efe4d51ed6e3de4aca32ec599edaf9fd1a2ff1a45dae5d471a53fd121e3e.doc office_macro_on_action -
Processes:
resource yara_rule static1/unpack001/5e84efe4d51ed6e3de4aca32ec599edaf9fd1a2ff1a45dae5d471a53fd121e3e.doc office_xlm_macros
Files
-
5e84efe4d51ed6e3de4aca32ec599edaf9fd1a2ff1a45dae5d471a53fd121e3e.zip
Password: infected
-
5e84efe4d51ed6e3de4aca32ec599edaf9fd1a2ff1a45dae5d471a53fd121e3e.doc.doc windows office2003
ThisDocument
paern
Module1