12109699049[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12109699049.zip
Size

12KB
MD5

66e8da4808f6a6a11c036f49d62e9f60
SHA1

758c2382047c15c493c33a01e13a6cd31840de14
SHA256

66d290798a83edcfd5276add0d8cc94147566faed619128950fee1b5109e7d4c
SHA512

0b4945abc15655b6ee40b67383ea101c9f2e4a47cae44e7b40ee4a91979dda6a7c1c4ec7ce0da80de01cc78d71c1807ed4bc4bef76ddca2e20b038f976adbbea
SSDEEP

192:79Fa7Xu5dFamQqsxdItSNATyNVkWo822r33StqXo6+D4NhcjYLHRs2aAZCX:pAkFax9NAsV4r2r3Icj5jm

Score

8^/10

macro macro_on_action

Malware Config

Signatures

Office macro that triggers on suspicious action 1 IoCs

Office document macro which triggers in special circumstances - often malicious.

macro macro_on_action

resource	yara_rule
static1/unpack001/d29fd5fc6304f9dfbc84f0120efaadd3daf253c635939c1dda49ced41c33b54b	office_macro_on_action

Suspicious Office macro 1 IoCs

Office document equipped with macros.

resource
static1/unpack001/d29fd5fc6304f9dfbc84f0120efaadd3daf253c635939c1dda49ced41c33b54b

Files

12109699049.zip
.zip

Password: infected
d29fd5fc6304f9dfbc84f0120efaadd3daf253c635939c1dda49ced41c33b54b
.doc windows office2003

ThisDocument

NewMacros

latex2word