Behavioral task
behavioral1
Sample
-MgreX7dpa4WPkgk7inO8mY5GoPlRFrEsm-GFggZdJw.doc
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
-MgreX7dpa4WPkgk7inO8mY5GoPlRFrEsm-GFggZdJw.doc
Resource
win10-20230220-en
Behavioral task
behavioral3
Sample
-MgreX7dpa4WPkgk7inO8mY5GoPlRFrEsm-GFggZdJw.doc
Resource
win10v2004-20230220-en
General
-
Target
-MgreX7dpa4WPkgk7inO8mY5GoPlRFrEsm-GFggZdJw.pub
-
Size
291KB
-
MD5
3b50320c5c45960257f30cc35d271f61
-
SHA1
4831beb9d0e88b697432875b619be50718c8bd34
-
SHA256
fcc82b797edda5ae163e4824ee29cef266391a83e5445ac4b26fc6160819749c
-
SHA512
1ca260f9ff3fd9fafb9ad713abbd33c9fc96e30980c15d3d1088eb42ff9cc5bc5381bfbd42b46b75024ac80878260b250d77e54dcda83908f3ddf5dd08a81633
-
SSDEEP
3072:n9nytLPk8keiNKeWoGjtEID4fd4WIFgwR7mTFA02105VCM7agqCpnUgm:UtjzkKjtEIDCsSTFt2wVCaagqCRUgm
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource sample
Files
-
-MgreX7dpa4WPkgk7inO8mY5GoPlRFrEsm-GFggZdJw.pub.doc .pub windows office2003
ThisDocument