12888777921[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12888777921.zip
Size

151KB
MD5

240e6f080df3b56040ee353e9b6b4df2
SHA1

68c8eabffbf5683d40fdc1c3885c8dbb3ce2182a
SHA256

b18d78faf5730186ce41fc02167a1a02f096c73fc6c34999a3aa1e9ffd864493
SHA512

a95a9b9a46c26a94636054605a7d6aabc62e7ab5a887a547f34d19eeb3eb15ca3a713e07649a6c61ab9a34cecc8d5228dde3d8b52b7acafa52e89cb47d08cd39
SSDEEP

3072:JyFS21vFQY9JdguBxbZRW9BLF775/9WtHyPCz5jlF1jt0zHu4:JyFS21GuPWrt7q7tl3jqB

Score

8^/10

macro macro_on_action

Malware Config

Signatures

Office macro that triggers on suspicious action 1 IoCs

Office document macro which triggers in special circumstances - often malicious.

macro macro_on_action

resource	yara_rule
static1/unpack001/8365477db53124836b58d384a0ead8591db9f34fd009b4b4c4e48d4bec85bc3f	office_macro_on_action

Suspicious Office macro 1 IoCs

Office document equipped with macros.

resource
static1/unpack001/8365477db53124836b58d384a0ead8591db9f34fd009b4b4c4e48d4bec85bc3f

Files

12888777921.zip
.zip

Password: infected
8365477db53124836b58d384a0ead8591db9f34fd009b4b4c4e48d4bec85bc3f
.doc windows office2003

ThisDocument