General

  • Target

    Mensajes en cuarentena (1).zip

  • Size

    86KB

  • MD5

    b5de3adc2b4130061ce1c99935a6a4c2

  • SHA1

    c1ac0d60cdabb3afba405723da069c036ddd07aa

  • SHA256

    aee96147d05a9d6564be20eb8dfc628635c15bca71cf62c85edd328fef582831

  • SHA512

    f71e993dc3092ec254e52eb4b2392d0c10202f3ad4406e7ea85db41db37d0999c38ab1ed88a778849a212763e4fec4047b6934ac344c207299db7f08004e30b1

  • SSDEEP

    1536:0aXTqjn3aF5J3sY6sSl4q3iJhhXUP5hpP2eCSoqcUvN3tVdaNJS+XuVDL:0aX0nZ8SinJhBk5hpPvHndaN8++VX

Malware Config

Signatures

  • Office macro that triggers on suspicious action (3 IoCs)

    Office document macro which triggers in special circumstances - often malicious.

Files

  • Mensajes en cuarentena (1).zip
    .zip

    Password: 123456

  • abfd851d-d824-4758-bf0a-08dc4b69c8b2/42a23279-ad4b-1d7a-a6da-fb89a7d5450a.eml
    .eml

    Password: 123456

    • https://aka.ms/LearnAboutSenderIdentification

    • https://#NOP

  • Comrpovante de pagamento.ppa
    .pps .ppa windows office2003
  • Documentacao pax.ppa
    .pps .ppa windows office2003
  • Solicitacao n 3422022.ppa
    .pps .ppa windows office2003
  • email-html-1.txt
    .html