Behavioral task
behavioral1
Sample
MES_1.doc
Resource
win7-20230220-en
windows7-x64
12 signatures
150 seconds
General
-
Target
MES_1.zip
-
Size
709KB
-
MD5
88b964065d3f41da928e4f12fab2f2d3
-
SHA1
039d46e9cf59aa09273e1fc9143f0768cd0908ba
-
SHA256
0967b19863d5ed06d83a9279b6e86293775bb27bba837a7083de9fd17e55fd15
-
SHA512
71e67cece3a26ba89d92fdf0cde0fcb5ea312619d2e1df245bfa6a0f59af6518f20bc0791b34c459d5f4ef670c89ef34dbe11c2284f75f64e66fe90646a3e3de
-
SSDEEP
6144:UwZnDlMy6O3qKmCRUe1B5uLqcHfVDNUV3nJGM+BTF:ntDlb6IqXCRUe1BTcH8VIM+VF
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule static1/unpack001/MES_1.doc office_macro_on_action -
Processes:
resource static1/unpack001/MES_1.doc
Files
-
MES_1.zip.zip
-
MES_1.doc.doc windows office2003
ThisDocument
Module1