Static task
static1
Behavioral task
behavioral1
Sample
WF_Payment Remittance -2021237.doc
Resource
win7v20210410
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
WF_Payment Remittance -2021237.doc
Resource
win10v20210408
windows10_x64
0 signatures
0 seconds
General
-
Target
WF_Payment Remittance -2021237.doc
-
Size
238KB
-
MD5
d76972e44f354169a094f361973767fc
-
SHA1
ec22e831f7395d071dc480819787dbf64a082c15
-
SHA256
c5c4f08431b453c03ebf5516e4c5ef0265dfbc68b3a2ea6b2c91861d96891ee5
-
SHA512
6fa427a8c11aaf4c50ed41479e1d932a87bf1302ca81db41b16711d9d553e1dce79c499a82a5099ef77598cbc3f30ef25b788182ffeb43ddff4c825d751a75e8
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource yara_rule sample office_xlm_macros sample office_macros
Files
-
WF_Payment Remittance -2021237.doc.doc windows office2003
owershell