General

  • Target

    96afe1c2-c772-4f3a-bca4-80606734c6ce.eml

  • Size

    966KB

  • MD5

    211da14de1113059da90257de399eb2f

  • SHA1

    ad0cb19d2169d3dfd565f3ed20686c1e91fc5f03

  • SHA256

    c976e44ad0a5fab2c23a5f238eede96c3532f36deaf2646837869415d6ea014b

  • SHA512

    d9052531eed7c2f63b4009544e98b0c4e895898f607f7709b219610ee43f45a03f0c08af9aa9737d4849e60442b1c9cc97e038dca491b14e725521a4f88275f5

  • SSDEEP

    6144:bK7mQNHmLZxAey6wQSl5feaXBOjaS7/wIF4tfXq/uIiVsjjkjW:bK7zHm4eKQSPGaXBdSLF4Rq/ubmYjW

Malware Config

Signatures

  • Office macro that triggers on suspicious action 1 IoCs

    Office document macro which triggers in special circumstances - often malicious.

  • Suspicious Office macro 1 IoCs

    Office document equipped with macros.

Files

  • 96afe1c2-c772-4f3a-bca4-80606734c6ce.eml
    .eml
    • https://trpconf.zoom.us/j/99565829129?pwd=SnpIZkhWbmZzRHhNM3FqRmdqcWhBZz09&from=addon

    • https://trpconf.zoom.us/u/asG5iG3Fv

  • Rep_97915979.zip
    .zip
  • Rep_97915979.doc
    .doc windows office2003

    ThisDocument

    Module1

  • email-html-1.txt
    .html
  • image001.png
    .png