Behavioral task
behavioral1
Sample
POD 30221.doc
Resource
win7-20230220-en
5 signatures
300 seconds
Behavioral task
behavioral2
Sample
POD 30221.doc
Resource
win10v2004-20230220-en
4 signatures
300 seconds
General
-
Target
2023-3-15-e1ff13af35b781b665d335d10fbeca37.bin
-
Size
672KB
-
MD5
e1ff13af35b781b665d335d10fbeca37
-
SHA1
737037f4b3273b3230427157ded21c275dd388c2
-
SHA256
5c56850206b8e6cff762651d57bd14f3a890d9e74c1e9075fc2ce5a1c1af6fbb
-
SHA512
b2d6ac950e976f66862000463c069aec29de04ed068d38135ca8321d0272b49d92690892980aea2a73738a5a30bb9e6fe352f43f7938da45bb445069f169b973
-
SSDEEP
3072:RIFb4Wmkqke+cEeqH9vH+i2s1Vj8JxuLVpMs75XLKZvs:ROykqk6Lw+i2s1Vjkxuxp/Qvs
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule static1/unpack001/POD 30221.doc office_macro_on_action -
Processes:
resource static1/unpack001/POD 30221.doc
Files
-
2023-3-15-e1ff13af35b781b665d335d10fbeca37.bin.zip
-
POD 30221.doc.doc windows office2003
ThisDocument
Module1