Behavioral task
behavioral1
Sample
Jh_1403.doc
Resource
win7-20230220-en
windows7-x64
12 signatures
150 seconds
General
-
Target
Jh_1403.zip
-
Size
718KB
-
MD5
1ee3840f5d0a5eb623a3f1de69a610f0
-
SHA1
35612e5e991fd0f4f4fae4bdbca8721a4c50124f
-
SHA256
c8d2f18087f621ba893dd4a528a9d6e5026c68be2250fdbc1fc91e1ee37a72aa
-
SHA512
d8c7d2d101f198ca54fe011b8e901d2e3dfaa81fed26ef1ed264c49e3d4cf0edb4571825b3bb6ce56aee4dc6a4c122337684121bdbc1b5ce924b4c34649e80be
-
SSDEEP
6144:HwZnDlMy6O3qKmCRUe1B5uLqcHfVDNUV3nJGM+BT2:QtDlb6IqXCRUe1BTcH8VIM+V2
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule static1/unpack001/Jh_1403.doc office_macro_on_action -
Processes:
resource static1/unpack001/Jh_1403.doc
Files
-
Jh_1403.zip.zip
-
Jh_1403.doc.doc windows office2003
ThisDocument
Module1