51f1fdf15170d27b6c36e52407bc57e614400179e93fb406eb8e8d6a1d3ecfa7[.]zip

General

Target

51f1fdf15170d27b6c36e52407bc57e614400179e93fb406eb8e8d6a1d3ecfa7.zip
Size

124KB
MD5

dfefd583a0a1a55fbca36be61c14bb46
SHA1

e15b4f8322a445a9fc8d28bfa2242e9c184265bc
SHA256

8e53f1a17473f510fc6c0b22d2e760920c60b0d6f50d753cbe3392416f788beb
SHA512

b1180f66178fcb929f35e45892165fd4b979729d76c8e2fb7ae68b7050b57f8aeffdbde18c29e11ece28c118f7f4220b09f6816d9101518799c2081fd58d0a87
SSDEEP

3072:3CD3XtG2Ra4La/6lA3ArV7B48CUKWanroutGd:yTXtG25aSlA3oV7BgdEutm

Score

8^/10

Office macro that triggers on suspicious action 1 IoCs

Office document macro which triggers in special circumstances - often malicious.

resource	yara_rule
static1/unpack002/INVOICE 589 03_23.doc	office_macro_on_action

Suspicious Office macro 1 IoCs

Office document equipped with macros.

resource
static1/unpack002/INVOICE 589 03_23.doc

51f1fdf15170d27b6c36e52407bc57e614400179e93fb406eb8e8d6a1d3ecfa7.zip
.zip

Password: infected
51f1fdf15170d27b6c36e52407bc57e614400179e93fb406eb8e8d6a1d3ecfa7.zip
.zip

Password: infected
INVOICE 589 03_23.doc
.doc windows office2003

ThisDocument

Module1