77c4b97769da0a4c9a024d2b50eaab21d68756c05eb6829385ee6c5f90452112

Sharing

Copy URL Twitter E-mail

General

Target

77c4b97769da0a4c9a024d2b50eaab21d68756c05eb6829385ee6c5f90452112
Size

4.7MB
MD5

ca27b6476279709e1e140baa3c218029
SHA1

a41983f4d3820a27ea4d5c99c1ff71ffa0909904
SHA256

77c4b97769da0a4c9a024d2b50eaab21d68756c05eb6829385ee6c5f90452112
SHA512

3b314e4c3213859f47a1e68f4c79d61f36ec7dd35ad27251a79db7005cc19bd4f1c6a256d86fa2361d1780954b22fad2c2b41919fdf7bf2837c220723876c99b
SSDEEP

49152:Z/aX5IJ/IdFgX/qUxBWqas7wOxB2jE6kEVi2TucnX2pSwoTthgRE:Z/aJIJ/IdFq/9xBWqN2jE6o2TrXnl

Score

8^/10

macro macro_on_action

Malware Config

Signatures

Office macro that triggers on suspicious action 1 IoCs

Office document macro which triggers in special circumstances - often malicious.

macro macro_on_action

resource	yara_rule
sample	office_macro_on_action

Suspicious Office macro 1 IoCs

Office document equipped with macros.

macro

resource
sample

Files

77c4b97769da0a4c9a024d2b50eaab21d68756c05eb6829385ee6c5f90452112
.doc windows office2003

ThisDocument

ModuleImporter

BBPTv2_clsAppEvents

BBPTv2_clsExcelLinkApp

BBPTv2_clsExcelLinkHandler

BBPTv2_clsExcelLinkWbk

BBPTv2_clsFileDeletionQueue

BBPTv2_clsLink

BBPTv2_clsLinkInfo

BBPTv2_clsLinks

BBPTv2_clsLinkShape

BBPTv2_clsQueue

BBPTv2_FileHashingFunc

BBPTv2_modExcelLinkHandler

BBPTv2_modPasteFromExcel

BBPTv2_modUtility_Word_New

BBPTv2_SupportFloatingShapes

BBPT_clsAppEvents

BBPT_clsExcelLinkApp

BBPT_clsExcelLinkHandler

BBPT_clsExcelLinkWbk

BBPT_clsLink

BBPT_clsLinkInfo

BBPT_clsLinks

BBPT_clsLinkShape

BBPT_modCallbacks

BBPT_modConfig_Word

BBPT_modEditPaste_Word

BBPT_modErrorLog

BBPT_modExcelLinkHandler

BBPT_modLocalize_Word

BBPT_modPasteFromExcel

BBPT_modUtility_Word

BBPT_modUtility_Word_New

BBPT_WordSections

ChartManager_OFCUI

ChartsControlEventHandlers

ChartsEventsHelper

ChartsHelper

frmMsgBox

frmSections

Globals

Helpers

HelpMenu

modConstants

modDD

modDDFindReplace

modDDFunctionBuilder

modDDRefDataService

modNewFunctions_Word

RegistryHelper

RegOp

TestPriorityQueue

ToolProxy

ToolsEntryPoints

V3Status

Visualization

XMLHelperTools

BBPTv2_FunctionTracing

ApiRegistry

APIRegistryUtil

ComDllLoader

SettingsUtil

BOF_Core

BOF_Hash

BOF_Json_Utility

Mod_Metering

OFCMSG_Hash

OFCUI_Event

OFCUI_HostContainer

OFCUI_HostLtc

OFCUI_Tests

OFC_TaskPaneInterface

OFC_Utils

ToolsEntryPoints_Shared

FileManagerHelper

BBPTv2_clsPriorityQueue

BBPTv2_LinkManager_Logger

BBPTv2_modCommonPasteFromExcel

BBPTv2_modCommonUtilities

BBPTv2_modCommonWPFLinkManager

BBPT_ZombieUtils

ModuleImporterHash

Sharing

General

Malware Config

Signatures

Files

ThisDocument

ModuleImporter

BBPTv2_clsAppEvents

BBPTv2_clsExcelLinkApp

BBPTv2_clsExcelLinkHandler

BBPTv2_clsExcelLinkWbk

BBPTv2_clsFileDeletionQueue

BBPTv2_clsLink

BBPTv2_clsLinkInfo

BBPTv2_clsLinks

BBPTv2_clsLinkShape

BBPTv2_clsQueue

BBPTv2_FileHashingFunc

BBPTv2_modExcelLinkHandler

BBPTv2_modPasteFromExcel

BBPTv2_modUtility_Word_New

BBPTv2_SupportFloatingShapes

BBPT_clsAppEvents

BBPT_clsExcelLinkApp

BBPT_clsExcelLinkHandler

BBPT_clsExcelLinkWbk

BBPT_clsLink

BBPT_clsLinkInfo

BBPT_clsLinks

BBPT_clsLinkShape

BBPT_modCallbacks

BBPT_modConfig_Word

BBPT_modEditPaste_Word

BBPT_modErrorLog

BBPT_modExcelLinkHandler

BBPT_modLocalize_Word

BBPT_modPasteFromExcel

BBPT_modUtility_Word

BBPT_modUtility_Word_New

BBPT_WordSections

ChartManager_OFCUI

ChartsControlEventHandlers

ChartsEventsHelper

ChartsHelper

frmMsgBox

frmSections

Globals

Helpers

HelpMenu

modConstants

modDD

modDDFindReplace

modDDFunctionBuilder

modDDRefDataService

modNewFunctions_Word

RegistryHelper

RegOp

TestPriorityQueue

ToolProxy

ToolsEntryPoints

V3Status

Visualization

XMLHelperTools

BBPTv2_FunctionTracing

ApiRegistry

APIRegistryUtil

ComDllLoader

SettingsUtil

BOF_Core

BOF_Hash

BOF_Json_Utility

Mod_Metering

OFCMSG_Hash

OFCUI_Event

OFCUI_HostContainer

OFCUI_HostLtc

OFCUI_Tests

OFC_TaskPaneInterface

OFC_Utils

ToolsEntryPoints_Shared