Static task
static1
Behavioral task
behavioral1
Sample
bd7920ab4830328cb91d1d1f60b93808e318df56daa4b535e0c6e1a03f691e37.doc
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
bd7920ab4830328cb91d1d1f60b93808e318df56daa4b535e0c6e1a03f691e37.doc
Resource
win10v2004-20220414-en
General
-
Target
bd7920ab4830328cb91d1d1f60b93808e318df56daa4b535e0c6e1a03f691e37
-
Size
2.7MB
-
MD5
b3e3e01be28b21afa8a5a6058282a35a
-
SHA1
42651de9242843083d29249301513bf80d15032a
-
SHA256
bd7920ab4830328cb91d1d1f60b93808e318df56daa4b535e0c6e1a03f691e37
-
SHA512
9e8b104a6a5805b2627b078fa852388cd5f4c959a3dd20ecb2396a23d625668f9d014d578f11ea59a93a804632d1efc6a288b1144e7eaebdb93a03a9af67a322
-
SSDEEP
12288:l0FmhTXZ1bx/s/63fyBElsx8ZhCp7sqUysp6EmH6tIj3C/wjWbj:lFTXZ1bx/s/tElsx8ZhCp96yfaH
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource sample
Files
-
bd7920ab4830328cb91d1d1f60b93808e318df56daa4b535e0c6e1a03f691e37.doc windows office2003
ThisDocument
Passant