Behavioral task
behavioral1
Sample
0x000700000002322c-29.doc
Resource
win7-20230831-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
0x000700000002322c-29.doc
Resource
win10v2004-20230915-en
windows10-2004-x64
4 signatures
150 seconds
General
-
Target
payroll.pub_pw_infected.zip
-
Size
13KB
-
MD5
2a52750a74374d5dc2632910a958f7ed
-
SHA1
4f3432eedc240da0336b19eee88b8150331236b7
-
SHA256
9207683848e8ee7195e7716afea913fdb0759dd13d85b5825c5a4a7c3abf16e3
-
SHA512
a5145d812ad55ce626786df986ff92b442c59fa23f8db7be24e3c38dd86cdb86b7d90f6b49b7b57ff93a756300e0f968c62b81af1b30743cf1916a23107bd960
-
SSDEEP
384:/Q1l5ycXVz7lCT1sCWq6tUkTZWmGSLFuewu5wzggiw:qd78TCDWkTZLLFSuDc
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
resource yara_rule static1/unpack001/0x000700000002322c-29 office_macro_on_action -
resource static1/unpack001/0x000700000002322c-29
Files
-
payroll.pub_pw_infected.zip.zip
Password: infected
-
0x000700000002322c-29.doc windows office2003
ThisDocument