Message-5170127[.]zip

General

Target

Message-5170127.zip
Size

720KB
MD5

a061be238a373c7470bcefbc431203f1
SHA1

358484af2b40609951e66634cbd3209f1f14d39d
SHA256

8ed606fe3b8a930e7a50f48b48329594a37baa3cde85fbb3fdc62991eb2a41e4
SHA512

69ec3f798958b94cc69e36ab21ce881672f87559465d8efbe49d4aa923c68929dd72e0bf53e6717ba94519528e74ed7b77b3b9b875da65186c700f5241f8dfdc
SSDEEP

6144:UwZnDlMy6O3qKmCRUe1B5uLqcHfVDNUV3nJGM+BTf:ntDlb6IqXCRUe1BTcH8VIM+Vf

Score

8^/10

Office macro that triggers on suspicious action 1 IoCs

Office document macro which triggers in special circumstances - often malicious.

Processes:

resource	yara_rule
static1/unpack001/Message-5170127.doc	office_macro_on_action

Suspicious Office macro 1 IoCs

Office document equipped with macros.

Processes:

resource
static1/unpack001/Message-5170127.doc