Overview

overview

8

Static

static

8

dad0cd9315...03.xls

windows7-x64

1

dad0cd9315...03.xls

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Errors

Reason
office: non-rc4 encrypted document not supported

General

  • Target

    dad0cd931530181140f3cf709371909c2a19e7535649ff0a54da01917cbf4803.zip

  • Size

    2.5MB

  • MD5

    2cf00e2aa5c02b052b6f4b1b390a0f9b

  • SHA1

    2ecca7cc986296ede94f4debe708d31958de9874

  • SHA256

    dacfe27ef8662dfee25d69a17a82625fbf4f1923aa592b17e420c245b1ea6823

  • SHA512

    1b7a27b3ed72b572358cf5394609a966f29642107a36b7ba462dd0abcac8d0c219707283141123de867a4697f3a628171b063ad6f9f53493e3e7f7a7a1fb5a45

  • SSDEEP

    49152:erBkiE+T7l1szcFn91clCEEU712TrPHT7lL8PcjOU/hVImlvfXcb7ps46:ee4l1sQFn9QCOB6rL7CECahVIG3Xcb7a

Score
8/10
macromacro_on_action

Malware Config

Signatures

  • Office macro that triggers on suspicious action 1 IoCs

    Office document macro which triggers in special circumstances - often malicious.

    macromacro_on_action

Files

  • dad0cd931530181140f3cf709371909c2a19e7535649ff0a54da01917cbf4803.zip
    .zip

    Password: infected

  • dad0cd931530181140f3cf709371909c2a19e7535649ff0a54da01917cbf4803.xls
    .xls windows office2003