Behavioral task
behavioral1
Sample
2bba119cbbecbc1fd2b91745d17f2d81c99eb71defb82b4b48c15cd4d145bf35.doc
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
2bba119cbbecbc1fd2b91745d17f2d81c99eb71defb82b4b48c15cd4d145bf35.doc
Resource
win10v2004-20220812-en
General
-
Target
2bba119cbbecbc1fd2b91745d17f2d81c99eb71defb82b4b48c15cd4d145bf35.zip
-
Size
12KB
-
MD5
0a9bdbc0f6a534c6367f90cd2381a448
-
SHA1
182461aee12ce7b208c5ac61c86cb32664a9a74a
-
SHA256
15a08f6816f588f324ddab04dd5df2bff0d7b5e9fadc098205686482df9f8991
-
SHA512
528a3525cdf40e1aff1b17c05fb4bb649b84f8c351ea76112d2a9dfe12a0d299a13237e0342d7f7f3cd58fefde484892588bf3ae8c759558b67251de56cf2244
-
SSDEEP
384:lKm4HYgv6Cx+IVInasd1suGXaRXE7d9wW7+:6HYEXx+I1sL9qA
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
resource yara_rule static1/unpack001/2bba119cbbecbc1fd2b91745d17f2d81c99eb71defb82b4b48c15cd4d145bf35 office_macro_on_action
Files
-
2bba119cbbecbc1fd2b91745d17f2d81c99eb71defb82b4b48c15cd4d145bf35.zip.zip
Password: infected
-
2bba119cbbecbc1fd2b91745d17f2d81c99eb71defb82b4b48c15cd4d145bf35.doc .vbs windows office2003