General

  • Target

    8a3412c059d2f34ea567e3cb05a476df9a8d96bdb8931239a9074944da0e6d4a

  • Size

    1.4MB

  • MD5

    8e6e89e29a2c3dddbb2814250228282e

  • SHA1

    a45e45a9157d0c963b039ba4c612b1090eec2e2c

  • SHA256

    8a3412c059d2f34ea567e3cb05a476df9a8d96bdb8931239a9074944da0e6d4a

  • SHA512

    840b3efea4848248987098f71eac7f539fa3e2b7cfdae50dfbed8e79bb56bc157a0cb0b857b7d85cf569715f258de3e8ce1f9b025dffa8da2d89fd77b8b7c44b

  • SSDEEP

    24576:pG0jA9HdB5mUHwoFWdNQd9QajvvP+5gwxhTuN:redB8oId+d9Qs

Malware Config

Signatures

  • Office macro that triggers on suspicious action 1 IoCs

    Office document macro which triggers in special circumstances - often malicious.

  • Suspicious Office macro 1 IoCs

    Office document equipped with macros.

Files

  • 8a3412c059d2f34ea567e3cb05a476df9a8d96bdb8931239a9074944da0e6d4a
    .doc .vbs windows office2003 polyglot

    frmData

    modLoadPictureGDI

    FormFunctions

    Info

    Lib

    modClipboard

    modCopyChart

    modDocument

    frmHyperlinks

    modOpenFileDialogAPI

    modPresentation

    modtickerTAble

    modScreenUpdating

    modValRisks

    XMLAPIs

    DocProperty

    rxRibbon

    PPTDisclosure

    ppClass

    frmTickerTable

    modPublic

    modExhibits

    modAPI

    modPresentationXML

    modScreenUpdate

    modExplorer