General
-
Target
MDE_File_Sample_d248231011458da84db4016bad5cf64a938882fd.zip
-
Size
39KB
-
MD5
c9023545085f3ad3850b5382354e1e3b
-
SHA1
7b15034885e088b9a943df770d53620cefc08b18
-
SHA256
58a97c2a34feb94588ed8c8e8f1846437958732769679c70b69e9ed470f175cc
-
SHA512
a70071c929fd2e513e9c8f48fee3570d90f7cad9223b03e717b593c0975a004d40b35286c4394b3e8503e99fa7bf62a914233f5305d06265f14f273b37cb7b3e
-
SSDEEP
768:mjVhbKRbKcySkm+9hDvGA132HFB2jN5js48I6VaVw0tVA3CEGXwwLBpwF:oXaYbzGAQX2jfv6VwJe3SAw1SF
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
resource yara_rule static1/unpack001/vnh6uqwa.xls office_macro_on_action -
resource static1/unpack001/vnh6uqwa.xls
Files
-
MDE_File_Sample_d248231011458da84db4016bad5cf64a938882fd.zip.zip
Password: infected
-
vnh6uqwa.xls.xls windows office2003
ЭтаКнига
Лист1
Лист2
Лист3
Module1
Module2
Module3