General

  • Target

    9497ab22b6d165847ec059d354a69792600dcd41090e7f652a630f901add7040

  • Size

    377KB

  • MD5

    ee4634fd220397f140a5c7ed5c0ec136

  • SHA1

    a3f08624ea3e4875343e8cd9599057db9ffd6b82

  • SHA256

    9497ab22b6d165847ec059d354a69792600dcd41090e7f652a630f901add7040

  • SHA512

    daf663b6f6c9ccf86eb77710d48eae55651130f98e34ddb357f6c70ea477a33fc14db34266d1d914b1c4df82b6e309a701d4e3a9f4a4c563a47ccefeb7ea7dd3

  • SSDEEP

    3072:TXaDRlZunZN/GD3t37wd05fcLU0/RVwFoOYSGdNdZwnBtmyLtHqt37YKshJtQFQ:DaDRlZu3w4gde0N4L

Score
10/10

Malware Config

Signatures

  • Ostap JavaScript Downloader 1 IoCs

    Ostap is a JavaScript downloader that's been active since 2016. It's used to deliver several families, including TrickBot.

  • Ostap family
  • Suspicious Office macro 1 IoCs

    Office document equipped with macros.

Files

  • 9497ab22b6d165847ec059d354a69792600dcd41090e7f652a630f901add7040
    .doc .js windows office2003

    Sheet1

    ThisWorkbook

    UserForm1