c4fa78775e976b5e30d4f2fb71d48b068b3dc27d625972296fd5cc28c58eb1c0[.]zip

General

Target

c4fa78775e976b5e30d4f2fb71d48b068b3dc27d625972296fd5cc28c58eb1c0.zip
Size

10KB
MD5

5f731fa7c560c87b9eeba3e7e2f5c03c
SHA1

92d7e08814424698f9ecd36146d2c665d1300cb9
SHA256

9765bf6f8c394a94d04b26211e43346ed51561171929aedf7183843fe8d1bfeb
SHA512

afac5c9a858f567fa79e15b7edc3b3750dab784774bd842225c24955d6b0896efd3f978b610ee1396db185f3b0a56b2ecf55f71ede65402f3735e9e00d4a2c2f
SSDEEP

192:4WekOHuYwbv4YQ1weaQ8AgXRCKo72STW/d4/nB/ywCSH4I/0+e:41kOHuYErJDQ8LXaTMd4vhhH70+e

Score

8^/10

Office macro that triggers on suspicious action 1 IoCs

Office document macro which triggers in special circumstances - often malicious.

Processes:

resource	yara_rule
static1/unpack001/c4fa78775e976b5e30d4f2fb71d48b068b3dc27d625972296fd5cc28c58eb1c0	office_macro_on_action

Suspicious Office macro 1 IoCs

Office document equipped with macros.

Processes:

resource
static1/unpack001/c4fa78775e976b5e30d4f2fb71d48b068b3dc27d625972296fd5cc28c58eb1c0

c4fa78775e976b5e30d4f2fb71d48b068b3dc27d625972296fd5cc28c58eb1c0.zip
.zip

Password: infected
c4fa78775e976b5e30d4f2fb71d48b068b3dc27d625972296fd5cc28c58eb1c0
.xls windows office2003

ThisWorkbook

hDhlM