313a743ed5558caa203fd873c22a178d6e4fed8c3ca75d40f827eeedccf31c37

General

Target

313a743ed5558caa203fd873c22a178d6e4fed8c3ca75d40f827eeedccf31c37
Size

115KB
MD5

7cf2a5dfb0c0777e0670aea29cb3a97b
SHA1

ddbcdccf41d8386ae5183415c3ce139a6a010efb
SHA256

313a743ed5558caa203fd873c22a178d6e4fed8c3ca75d40f827eeedccf31c37
SHA512

e87fbf56de867d4b895db24dd7c7abb2fedfcf020ed004e636bb5bf4b5b51b8f9a2da534b7077eab822b42f939891c217ca162d4b1334bf3ded7bbc611fbb92c
SSDEEP

3072:WFJ6s9d9fP4LvppgFS8tvJpIl/2016CMnryG1e:bs9grpwSQpIl7IryMe

Score

8^/10

Office macro that triggers on suspicious action 1 IoCs

Office document macro which triggers in special circumstances - often malicious.

Processes:

resource	yara_rule
sample	office_macro_on_action

313a743ed5558caa203fd873c22a178d6e4fed8c3ca75d40f827eeedccf31c37
.doc windows office2003