8077acca97582af8c04beba0f256f06191170b894a4f3333d3c2b5b30c1231cc[.]zip

Reason

office: non-rc4 encrypted document not supported

General

Target

8077acca97582af8c04beba0f256f06191170b894a4f3333d3c2b5b30c1231cc.zip
Size

978KB
MD5

6a11894f2ff275b4d14c39457a57dee2
SHA1

2cb720c1a11c65036e7d8746015168b969fd24f4
SHA256

314fbd3e4541e5a28bdd3e239658a76fad0b5e3e29f162c3444d0a64d884f0b2
SHA512

80ac0c9da3827b74aa423872504a8cdc8c1c80100fb6c7706d5f74b3dcba0e222e2b350ea3717b311bda89e57904b33e1fa881bfa7de458215cc015b37bcc1e3
SSDEEP

24576:SOLbViXeST9P/PCytO7hSeOJdjDqQNTYecBYERCoNMgC:SpuSFn0QeOJdCQgBYvgRC

Score

8^/10

Office macro that triggers on suspicious action 1 IoCs

Office document macro which triggers in special circumstances - often malicious.

resource	yara_rule
static1/unpack001/8077acca97582af8c04beba0f256f06191170b894a4f3333d3c2b5b30c1231cc.xls	office_macro_on_action

8077acca97582af8c04beba0f256f06191170b894a4f3333d3c2b5b30c1231cc.zip
.zip

Password: infected
8077acca97582af8c04beba0f256f06191170b894a4f3333d3c2b5b30c1231cc.xls
.xls windows office2003