Behavioral task
behavioral1
Sample
XN5635356342422810572_202303081504.doc
Resource
win7-20230220-en
12 signatures
150 seconds
Behavioral task
behavioral2
Sample
XN5635356342422810572_202303081504.doc
Resource
win10v2004-20230220-en
12 signatures
150 seconds
General
-
Target
XN5635356342422810572_202303081504.zip
-
Size
691KB
-
MD5
4c9c8aa8f51f88c40fadd09978d6c9b9
-
SHA1
689f4ce6e2302407b56060ccf742d3ba1dac101d
-
SHA256
2cb42653ec9aff95628a3836a089c61ac8ca628aef51e842e89e97e76d90bdb6
-
SHA512
4fb1946c8ffbb5ffe35a4c27578bb044423ada2b2aaef8d2094ce5b9ef809f9baefcf4d73b3d0d1be31a347c6e64a1ab5ebb6ea7283d79d38bc983f8af4be9a3
-
SSDEEP
6144:+JNbwmfcuHom8Hz2f//ywiWT8xVTI5wqG:6bPHom8TYyCT8x5I5wB
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule static1/unpack001/XN5635356342422810572_202303081504.doc office_macro_on_action -
Processes:
resource static1/unpack001/XN5635356342422810572_202303081504.doc
Files
-
XN5635356342422810572_202303081504.zip.zip
-
XN5635356342422810572_202303081504.doc.doc windows office2003
ThisDocument
Module1