Behavioral task
behavioral1
Sample
PO.doc
Resource
win7-20230220-en
12 signatures
150 seconds
Behavioral task
behavioral2
Sample
PO.doc
Resource
win10v2004-20230220-en
12 signatures
150 seconds
General
-
Target
PO.zip
-
Size
665KB
-
MD5
3ac03c3b8c9efb4b8ae79198a1626bd4
-
SHA1
d9fb10fc0126e99d3c6d0ad48b11219fca6e5e21
-
SHA256
949d794a8e3902bb7dc8c94046bbf4dbfc2fa1766325cd9a398263241cc35789
-
SHA512
56f1f8b02e1c4fe3ce08fb9ab606c20c855eb1acad1a271c2223c37ed2c7124084d95600ef56a9b2efc6e2a039800a9d58e21d6887da929a43523bea91c775df
-
SSDEEP
3072:2IFb4Wmkqke+cEeqH9vH+i2s1Vj8JxuLVpMs75XLKZvX:2Oykqk6Lw+i2s1Vjkxuxp/QvX
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule static1/unpack001/PO.doc office_macro_on_action -
Processes:
resource static1/unpack001/PO.doc
Files
-
PO.zip.zip
-
PO.doc.doc windows office2003
ThisDocument
Module1