Behavioral task
behavioral1
Sample
message-38389.doc
Resource
win10v2004-20230220-en
5 signatures
30 seconds
General
-
Target
message-38389.zip
-
Size
698KB
-
MD5
dec489fd7ebf888686299d56338ff8ed
-
SHA1
1d5d02e391c490d469aca51eeb04f422cf3e5e14
-
SHA256
ffe2204e7bfc1317ffee2d3c8b623ecfe2c705ed9e92119a4cce3bb6f0eff720
-
SHA512
f81c0a15de96f0830c7e631b2721a5f9b1108fc028553d4f00d698cadcba84689206b1b48672629bd233a632d7c07249009384fc9f9fe9de284c816f1ff3feb7
-
SSDEEP
6144:ZP/mYiuwND6sXVrg561q/bqdjn4qwZwBm:JMhtV8Q1q/bCr4qwZom
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule static1/unpack001/message-38389.doc office_macro_on_action -
Processes:
resource static1/unpack001/message-38389.doc
Files
-
message-38389.zip.zip
-
message-38389.doc.doc windows office2003
ThisDocument
Module1