495a10969c3bc71a4e3b205fe324897b7c5d916ade9dc4e7df57571623bf60f8[.]zip

General

Target

495a10969c3bc71a4e3b205fe324897b7c5d916ade9dc4e7df57571623bf60f8.zip
Size

126KB
MD5

4606d7e686be24f80a0c2b08cd5886ed
SHA1

aaa423992b668adbea72fcd78cf786b22caed8ef
SHA256

f816108bd9c186b7bc2dfa083f9c1c734db2a0b85f7d255a121cde115d75d41d
SHA512

420cae54611230f3f4567a7bd181864e9d1d80076408f6b1b69615e91294df2d93a40afc6a52983121ba24496fc52411bedb4140e4279545192d8cd40c037baa
SSDEEP

3072:j3NAsUl8EhIehtLx+P6LxIvT/+eBnR4xT48FZL0yx:zshIehtLxy6y6eBnR4xT4YZXx

Score

8^/10

Office macro that triggers on suspicious action 1 IoCs

Office document macro which triggers in special circumstances - often malicious.

resource	yara_rule
static1/unpack001/495a10969c3bc71a4e3b205fe324897b7c5d916ade9dc4e7df57571623bf60f8.xls	office_macro_on_action

495a10969c3bc71a4e3b205fe324897b7c5d916ade9dc4e7df57571623bf60f8.zip
.zip

Password: infected
495a10969c3bc71a4e3b205fe324897b7c5d916ade9dc4e7df57571623bf60f8.xls
.xls windows office2003