Behavioral task
behavioral1
Sample
5183806092083307240, United Kingdom.doc
Resource
win7-20230220-en
7 signatures
150 seconds
Behavioral task
behavioral2
Sample
5183806092083307240, United Kingdom.doc
Resource
win10v2004-20230221-en
6 signatures
150 seconds
General
-
Target
Egyptair.zip
-
Size
702KB
-
MD5
bfa50a2fae18263e51e498e5a96e54a3
-
SHA1
d082d426ff9850b5f1d2f1d0f79dfc7f9094e8e1
-
SHA256
19a90eef0f52ce9d9ece0aa3d560f9bdd469b7c0b780fd2269ba9082b001ca00
-
SHA512
c7a42dcfe159cabdb9b5e0705d23915d09e105117760546d98703527356d8965ccdf85e9f156f16ee56c99eeaeae0a74e54fb3f6e45761b32f8dc18873cde174
-
SSDEEP
3072:mIFb4Wmkqke+cEeqH9vH+i2s1Vj8JxuLVpMs75XLKZvq:mOykqk6Lw+i2s1Vjkxuxp/Qvq
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule static1/unpack001/5183806092083307240, United Kingdom.doc office_macro_on_action -
Processes:
resource static1/unpack001/5183806092083307240, United Kingdom.doc
Files
-
Egyptair.zip.zip
-
5183806092083307240, United Kingdom.doc.doc windows office2003
ThisDocument
Module1