Overview

overview

8

Static

static

8

2299ff9c7e...6.docx

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    Turla_malware.zip

  • Size

    168KB

  • MD5

    d83077d17fa7eafb5b533af538fc2c4f

  • SHA1

    e116275919a7c12452a30eaaa5928e2882ebe4dc

  • SHA256

    e3b0d315d1be05f7c73fc5f24e73343de7094894fb2f0f9a181064f4611ad8e8

  • SHA512

    25469a6c2fa95d1b86f91e3ef02eceab67fdc609d6177d75b1cb621c85afdbe7f04b9da38950b2e5bb6804d3c0bce8b6aa14ae746c8f3c779ba41f6505fe02cf

  • SSDEEP

    3072:BDYqi83UZmgpTluV0l89lJfr5GLURRUKGL7OCu7FbuXRjTu4Ht3oYEt:NYqT3U9YRrtr5dRD0iCRu4Ht4Jt

Score
8/10
macromacro_on_action

Malware Config

Signatures

  • Office macro that triggers on suspicious action 1 IoCs

    Office document macro which triggers in special circumstances - often malicious.

    macromacro_on_action
  • Suspicious Office macro 1 IoCs

    Office document equipped with macros.

    macro

Files

  • Turla_malware.zip
    .zip

    Password: infected

  • 2299ff9c7e5995333691f3e68373ebbb036aa619acd61cbea6c5210490699bb6.docx
    .doc .docx windows office2003

    ThisDocument

    Module1