General

  • Target

    np6CI7Pz6b9dokdAUzrbmn.zip

  • Size

    51KB

  • MD5

    0d518e8470c68b42383dc4027aad0f78

  • SHA1

    2d33d92d601769d3a3010f70ee7781215bbb6076

  • SHA256

    2b98f018c129e302249ce6ffd7903d106cb5d7aad6ccf150d7d4f49c22cd8328

  • SHA512

    0b36d1484327660e30c5fdf9825817476b889cf64f69dba713216ba669d0b274cd5a5387a5537eac2b3f64c2979ae11262b367255a5b53243b6cd9547f06672f

  • SSDEEP

    1536:ZkecFmtgR9LmLHLUhBySacQl8wDfyxpzdemgxsSJ5:+dfLIHqgSaDPwpncsC

Malware Config

Signatures

  • Office macro that triggers on suspicious action (1 IoC)

    Office document macro which triggers in special circumstances - often malicious.

  • Suspicious Office macro (1 IoC)

    Office document equipped with macros.

Files

  • np6CI7Pz6b9dokdAUzrbmn.zip
    .zip

    Password: unzip-me

  • BL Soahandmade.doc_
    .doc .doc_ windows office2003

    ThisDocument

  • manifest.json
  • metadata.json
  • quarantine-acquire-file.CjCKfHxaFE7hmaDZGlORhJ.xml
    .xml
  • script.xml
    .xml
  • sysinfo.1LO9AGgOd1g61Tz0pZkPzO.xml
    .xml