5e84efe4d51ed6e3de4aca32ec599edaf9fd1a2ff1a45dae5d471a53fd121e3e | Triage

Sharing

General

Target

5e84efe4d51ed6e3de4aca32ec599edaf9fd1a2ff1a45dae5d471a53fd121e3e
Size

626KB
MD5

a467bac7d7378da7295f169cfb194d0b
SHA1

d3b627b91d7ec434849c0311d92ba890650b0bee
SHA256

f765f3f4cac62396a00b1a1b5e39f00213d51bd3e816213c7a19784e98630577
SHA512

f9bfd01f00008bb57107b7c782517cbf3f84edc56d1d6a7bc6c8053db4d2415fda2f0a661f6368160f4535424fcd2ae9f1c6cc45bca8a670c8954547a089a35c

Score

8^/10

macro

Malware Config

Signatures

Office macro that triggers on suspicious action 1 IoCs

Office document macro which triggers in special circumstances - often malicious.

Processes:

resource	yara_rule
static1/unpack001/5e84efe4d51ed6e3de4aca32ec599edaf9fd1a2ff1a45dae5d471a53fd121e3e.doc	office_macro_on_action

Suspicious Office macro 1 IoCs

Office document equipped with 4.0 macros.

Processes:

resource	yara_rule
static1/unpack001/5e84efe4d51ed6e3de4aca32ec599edaf9fd1a2ff1a45dae5d471a53fd121e3e.doc	office_xlm_macros

Files

5e84efe4d51ed6e3de4aca32ec599edaf9fd1a2ff1a45dae5d471a53fd121e3e
.zip

Password: infected
5e84efe4d51ed6e3de4aca32ec599edaf9fd1a2ff1a45dae5d471a53fd121e3e.doc
.doc windows office2003

ThisDocument

paern

Module1