2097682836d4dffd6f1a05da68e4ea2a95af15e64460e896f4baa1261b3b69cb[.]xlsx

Reason

office: non-rc4 encrypted document not supported

General

Target

2097682836d4dffd6f1a05da68e4ea2a95af15e64460e896f4baa1261b3b69cb.xlsx
Size

4.8MB
MD5

b254c8d9ae407218a0f9239f12cb8e98
SHA1

4d4ceb4132958c26d70bff290000bfbf8b182026
SHA256

2097682836d4dffd6f1a05da68e4ea2a95af15e64460e896f4baa1261b3b69cb
SHA512

23e9a2cd9193a9b529854c55e5bfcb9c1229630d5e64e902a8d9b061e635d3abadd7bc6c457a5f8c58eef2016dd473a3b14808d7cafbdc73941a32c8025edb77
SSDEEP

98304:Ov4K91f7vFpQ+g8RFpiLd+8kLD84tCEr0RtNiC5eSsNMt+r+WC1HnKHnn3BBXXX:OvpvFa+g8RWLdPk/84tCEr0RtNiC5eSF

Score

8^/10

Office macro that triggers on suspicious action 1 IoCs

Office document macro which triggers in special circumstances - often malicious.

Processes:

resource	yara_rule
sample	office_macro_on_action

2097682836d4dffd6f1a05da68e4ea2a95af15e64460e896f4baa1261b3b69cb.xlsx
.xls .xlsx windows office2003