Behavioral task
behavioral1
Sample
INVOICE 589 03_23.doc
Resource
win7-20230220-en
11 signatures
150 seconds
Behavioral task
behavioral2
Sample
INVOICE 589 03_23.doc
Resource
win10v2004-20230220-en
11 signatures
150 seconds
General
-
Target
51f1fdf15170d27b6c36e52407bc57e614400179e93fb406eb8e8d6a1d3ecfa7.zip
-
Size
124KB
-
MD5
e372cb105788c8f38b2602195f54838a
-
SHA1
0add8072a1188888464f289c66f234c56802ea86
-
SHA256
a9509269efb3f592e65a86663b1095e93fbfe0571d9597d1f7e2b912e100d26f
-
SHA512
6d308e5b051b26c342d4b2f4cc1b434dd778f13619c49ca7187b10d0f964d31f32e12a875c57877ca449209dd00049f94ae08c0fb0b519a350edd4a6bfac8218
-
SSDEEP
3072:LBGIXQp842tiMo1n/B1UZChu6L8H1r3cFFckEejc/bUJ:tbX/81/XUZVUe1FkiY
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
resource yara_rule static1/unpack002/INVOICE 589 03_23.doc office_macro_on_action -
resource static1/unpack002/INVOICE 589 03_23.doc
Files
-
51f1fdf15170d27b6c36e52407bc57e614400179e93fb406eb8e8d6a1d3ecfa7.zip.zip
Password: infected
-
51f1fdf15170d27b6c36e52407bc57e614400179e93fb406eb8e8d6a1d3ecfa7.zip.zip
Password: infected
-
INVOICE 589 03_23.doc.doc windows office2003
ThisDocument
Module1