SCAN-14032023[.]zip | Triage

Resubmissions

14-03-2023 10:32

230314-mk8l2sgh5s 8

14-03-2023 10:27

230314-mhhmvagh3w 10

Sharing

General

Target

SCAN-14032023.zip
Size

739KB
MD5

d33bc156c84e222419aff3815d5946f2
SHA1

8e2fdb102f47602c6beeb250cd5cc400e50fd2b6
SHA256

e02bb757e6ed2c531fc97cf30099aec744f6a4c910b0962b660542baf87b6353
SHA512

a25a419b0db1fae97804f02dd6cc6c96349654e8d39c4a98a98b66dac20ac3280128d5aa7f9ab26f450b78c47971f9ed0d7ec915a4dc2287062d7e382b08cb05
SSDEEP

6144:5wZnDlMy6O3qKmCRUe1B5uLqcHfVDNUV3nJGM+BTv:GtDlb6IqXCRUe1BTcH8VIM+Vv

Score

8^/10

macro macro_on_action

Malware Config

Signatures

Office macro that triggers on suspicious action 1 IoCs

Office document macro which triggers in special circumstances - often malicious.

macro macro_on_action

Processes:

resource	yara_rule
static1/unpack001/SCAN-14032023.doc	office_macro_on_action

Suspicious Office macro 1 IoCs
Office document equipped with macros.
macro

Processes:

resource

static1/unpack001/SCAN-14032023.doc

Files

SCAN-14032023.zip
.zip
SCAN-14032023.doc
.doc windows office2003

ThisDocument

Module1