3af77ff8058f4fad47637f95ecd6ee6f46bca9f5790618d1601480ce8c193780[.]zip

Reason

office: non-rc4 encrypted document not supported

General

Target

3af77ff8058f4fad47637f95ecd6ee6f46bca9f5790618d1601480ce8c193780.zip
Size

19KB
MD5

58daa464dfec634ae48dbf894d7506c6
SHA1

2bc7b720672d10e5d848548bbc47147ae41a1b90
SHA256

75d31cbbdbcaeb0afcd1861519485f4467e21d5d7e13ecabeaa8c64bb08172ac
SHA512

3f019397c5cdc96ddd1120547684f02cb603f5ac2d47c692a8969d5061eaef9ae6688f08ae8e95e6374a1d1095991eb6f8c2eaaa4699dc08788e31e1ebfcb001
SSDEEP

384:SBUf/8pi8GXxTVwqgRVbG2EzP8WQT+LurgTq8PZUF3pJ:z/8piZhTVwJRePJbSreqkZUJpJ

Score

8^/10

Office macro that triggers on suspicious action 1 IoCs

Office document macro which triggers in special circumstances - often malicious.

resource	yara_rule
static1/unpack001/3af77ff8058f4fad47637f95ecd6ee6f46bca9f5790618d1601480ce8c193780	office_macro_on_action

3af77ff8058f4fad47637f95ecd6ee6f46bca9f5790618d1601480ce8c193780.zip
.zip

Password: infected
3af77ff8058f4fad47637f95ecd6ee6f46bca9f5790618d1601480ce8c193780
.xls windows office2003