MES_1[.]zip | Triage

Sharing

General

Target

MES_1.zip
Size

709KB
MD5

88b964065d3f41da928e4f12fab2f2d3
SHA1

039d46e9cf59aa09273e1fc9143f0768cd0908ba
SHA256

0967b19863d5ed06d83a9279b6e86293775bb27bba837a7083de9fd17e55fd15
SHA512

71e67cece3a26ba89d92fdf0cde0fcb5ea312619d2e1df245bfa6a0f59af6518f20bc0791b34c459d5f4ef670c89ef34dbe11c2284f75f64e66fe90646a3e3de
SSDEEP

6144:UwZnDlMy6O3qKmCRUe1B5uLqcHfVDNUV3nJGM+BTF:ntDlb6IqXCRUe1BTcH8VIM+VF

Score

8^/10

macro macro_on_action

Malware Config

Signatures

Office macro that triggers on suspicious action 1 IoCs

Office document macro which triggers in special circumstances - often malicious.

macro macro_on_action

Processes:

resource	yara_rule
static1/unpack001/MES_1.doc	office_macro_on_action

Suspicious Office macro 1 IoCs
Office document equipped with macros.
macro

Processes:

resource

static1/unpack001/MES_1.doc

Files

MES_1.zip
.zip
MES_1.doc
.doc windows office2003

ThisDocument

Module1