Behavioral task
behavioral1
Sample
SCAN-14032023.doc
Resource
win7-20230220-en
windows7-x64
12 signatures
150 seconds
General
-
Target
SCAN-14032023.zip
-
Size
739KB
-
MD5
d33bc156c84e222419aff3815d5946f2
-
SHA1
8e2fdb102f47602c6beeb250cd5cc400e50fd2b6
-
SHA256
e02bb757e6ed2c531fc97cf30099aec744f6a4c910b0962b660542baf87b6353
-
SHA512
a25a419b0db1fae97804f02dd6cc6c96349654e8d39c4a98a98b66dac20ac3280128d5aa7f9ab26f450b78c47971f9ed0d7ec915a4dc2287062d7e382b08cb05
-
SSDEEP
6144:5wZnDlMy6O3qKmCRUe1B5uLqcHfVDNUV3nJGM+BTv:GtDlb6IqXCRUe1BTcH8VIM+Vv
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule static1/unpack001/SCAN-14032023.doc office_macro_on_action -
Processes:
resource static1/unpack001/SCAN-14032023.doc
Files
-
SCAN-14032023.zip.zip
-
SCAN-14032023.doc.doc windows office2003
ThisDocument
Module1