Behavioral task
behavioral1
Sample
42543424254673870027753__2023-08-03_1457.doc
Resource
win7-20230220-en
12 signatures
150 seconds
Behavioral task
behavioral2
Sample
42543424254673870027753__2023-08-03_1457.doc
Resource
win10v2004-20230220-en
12 signatures
150 seconds
General
-
Target
Leadingwin.co.zip
-
Size
677KB
-
MD5
2bd503acd46447b31b273169322cdd83
-
SHA1
4bd329fc0375c54e5a7d7db090153965505c6827
-
SHA256
57046f0e455566b707942031676202747915b671f33122fa56460d26a17f6713
-
SHA512
e56d25b54b9db7f5fa5a60a88f16fc02e12c3dbfbfadda9a07b5d7d2f1e50b542bf5479da61f782f7b4066374467c0f1e591a0b9d3da2263568f9411aabadad2
-
SSDEEP
6144:SJNbwmfcuHom8Hz2f//ywiWT8xVTI5wqI:+bPHom8TYyCT8x5I5wr
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
resource yara_rule static1/unpack001/42543424254673870027753__2023-08-03_1457.doc office_macro_on_action -
resource static1/unpack001/42543424254673870027753__2023-08-03_1457.doc
Files
-
Leadingwin.co.zip.zip
-
42543424254673870027753__2023-08-03_1457.doc.doc windows office2003
ThisDocument
Module1