Static task
static1
Behavioral task
behavioral1
Sample
71412027c3b5c6b27d4d22b43dd073bca949af7b5731d7f44c2f9406801d13fe.doc
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
71412027c3b5c6b27d4d22b43dd073bca949af7b5731d7f44c2f9406801d13fe.doc
Resource
win10v2004-20220414-en
General
-
Target
71412027c3b5c6b27d4d22b43dd073bca949af7b5731d7f44c2f9406801d13fe
-
Size
508KB
-
MD5
ef267ca731b0a1ba54dec692a3be199f
-
SHA1
04913b97d707bd6ad6008f004fcc82f8bcc9c720
-
SHA256
e2a37fcb753fa41eb96311ec4017469ed6a7123171275b8b1812c28ac61bfff3
-
SHA512
8e6fe551197fd52118683140a3c732584be30855a52b0904901a258f03e3a2a1d4b005a8aaa67c48845f167d64f7fcef119b3ccb6006538fafcdb5b5696c29aa
-
SSDEEP
12288:KEg8gLX7U6xazlk2HuYRfXm03MbssuBPWQebv0nHfh0VTH:TgMnWuuCf2yms1BPWQm8pa
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule static1/unpack001/71412027c3b5c6b27d4d22b43dd073bca949af7b5731d7f44c2f9406801d13fe.doc office_macro_on_action -
Processes:
resource static1/unpack001/71412027c3b5c6b27d4d22b43dd073bca949af7b5731d7f44c2f9406801d13fe.doc
Files
-
71412027c3b5c6b27d4d22b43dd073bca949af7b5731d7f44c2f9406801d13fe.zip
Password: infected
-
71412027c3b5c6b27d4d22b43dd073bca949af7b5731d7f44c2f9406801d13fe.doc.doc windows office2003
ThisDocument
Module1