MX62EDO 10[.]02[.]2016[.]doc | Triage

Sharing

General

Target

MX62EDO 10.02.2016.doc
Size

68KB
MD5

6da6c35373c03725ebbf3105d9178dbb
SHA1

11618d747d2fa5acdd1c3cb9ed7f85c46638668b
SHA256

9a4b5bbf276e3e208715b4c133fc17984bb9671f24b31b99907afcbedd325cab
SHA512

2879dee8826de8f7b6c3edf28330464c494001e89ce608621c13c293b5f1ec89ceede2070e2a6d7b13bfd5a09b3e6ee0ee616387d0c8c6da2d98b73a364b7222
SSDEEP

768:JLJgf0XWjihv3bPy9U+3G38gEALj7tRFVi7007MCD6/277M5FnY9pN:IS98gRyy/+SFnY9H

Score

8^/10

macro macro_on_action

Malware Config

Signatures

Office macro that triggers on suspicious action 1 IoCs

Office document macro which triggers in special circumstances - often malicious.

macro macro_on_action

Processes:

resource	yara_rule
sample	office_macro_on_action

Suspicious Office macro 1 IoCs
Office document equipped with macros.
macro

Processes:

resource

sample

Files

MX62EDO 10.02.2016.doc
.doc .vbs windows office2003

ThisDocument

SamboF

Module3

Module2

Module1