Behavioral task
behavioral1
Sample
invoce No 301730 03.2023.doc
Resource
win7-20230220-en
windows7-x64
11 signatures
150 seconds
Behavioral task
behavioral2
Sample
invoce No 301730 03.2023.doc
Resource
win10v2004-20230221-en
windows10-2004-x64
11 signatures
150 seconds
General
-
Target
Yfve.com.zip
-
Size
656KB
-
MD5
5a0cb46a6fc2700c4ac08709f50133d6
-
SHA1
37ba4b256956d67f12ba223bb70f2e521b858f73
-
SHA256
05a375d786ed166c57bd5b4b3d7aab0f8a3c020621e6d1c93feda5bac92b5fe3
-
SHA512
ec956a6c235919de9e81e4f3169e2bfbc46f9fefd067d59882d992c10fa6d78991aba0fa6f5af6e2a819a7b39b86fb4e51bceb66052a761ab085f26a5c847fde
-
SSDEEP
3072:Tv1AaDJWDzyh5I/ndHnM8xEOswT0QXqzdymid3yk/oQCxL:7OaDJW6w/ndHDqO7T0CKymECeoV
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule static1/unpack001/invoce No 301730 03.2023.doc office_macro_on_action -
Processes:
resource static1/unpack001/invoce No 301730 03.2023.doc
Files
-
Yfve.com.zip.zip
-
invoce No 301730 03.2023.doc.doc windows office2003
ThisDocument
Module1