Static task
static1
Behavioral task
behavioral1
Sample
0005d6f1f40861383e0b3bf9381dde19e97746d0a5b0ad7a1047290d529773c9.doc
Resource
win7v20210410
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
0005d6f1f40861383e0b3bf9381dde19e97746d0a5b0ad7a1047290d529773c9.doc
Resource
win10v20210408
windows10_x64
0 signatures
0 seconds
General
-
Target
5432469150793728.zip
-
Size
123KB
-
MD5
0f4d21ed3e59e86afea44a1dac7372db
-
SHA1
b84a39e5e11f3441833ca8a43529520e23cb89fa
-
SHA256
54f7b88632e990fa580ceba4d4f7825e984ebc835e63505b5c206a0a15d34b96
-
SHA512
9101b7b190d5f004450080c155296cfababb48c41d5aba5b01f7d372e5e7e405e2165aaa028190cb931bbabe46f0643129bf215285b391be6598a63f8d5b22ec
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule static1/unpack001/0005d6f1f40861383e0b3bf9381dde19e97746d0a5b0ad7a1047290d529773c9 office_macro_on_action -
Processes:
resource yara_rule static1/unpack001/0005d6f1f40861383e0b3bf9381dde19e97746d0a5b0ad7a1047290d529773c9 office_xlm_macros static1/unpack001/0005d6f1f40861383e0b3bf9381dde19e97746d0a5b0ad7a1047290d529773c9 office_macros
Files
-
5432469150793728.zip.zip
Password: infected
-
0005d6f1f40861383e0b3bf9381dde19e97746d0a5b0ad7a1047290d529773c9.doc windows office2003
ihWZtljSr
qSvLRQOG
fTtWkqpZa