Behavioral task
behavioral1
Sample
GHx_1818979364.doc
Resource
win7-20230220-en
windows7-x64
12 signatures
150 seconds
Behavioral task
behavioral2
Sample
GHx_1818979364.doc
Resource
win10v2004-20230220-en
windows10-2004-x64
12 signatures
150 seconds
General
-
Target
GHx_1818979364.zip
-
Size
706KB
-
MD5
4632a398c55ad08c3820f0aa0ab8ac7d
-
SHA1
efa2869396eb896f5f908280e2b51b6ddbfd1c9a
-
SHA256
9080d625ddf7d2da95c8b323101a3c0f147c2df591971084fbd0c96c4a0ef942
-
SHA512
6e76a4f0464cbda8d3149475f42961632ece06bf1a05db3f8b4c7786ad97626c04518c0c924bb39e1bba28dbc8e06638e716578b3aadc0953c6e17f00911cc00
-
SSDEEP
6144:xwZnDlMy6O3qKmCRUe1B5uLqcHfVDNUV3nJGM+BTh:+tDlb6IqXCRUe1BTcH8VIM+Vh
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule static1/unpack001/GHx_1818979364.doc office_macro_on_action -
Processes:
resource static1/unpack001/GHx_1818979364.doc
Files
-
GHx_1818979364.zip.zip
-
GHx_1818979364.doc.doc windows office2003
ThisDocument
Module1