27f6bc65250f3161df9c1d8fc9fe065c6b7eef0bb426d28dc97f21275e5f045e[.]zip

General

Target

27f6bc65250f3161df9c1d8fc9fe065c6b7eef0bb426d28dc97f21275e5f045e.zip
Size

52KB
MD5

c2b56df00b059285f1a9759372d3e8bb
SHA1

78e0d90033e998184e8200cf47483f94e7d8e6a9
SHA256

f82989932afe32466aa1fe8ac6af0a4f2301bd28691f1bc62e3bd98966bf646b
SHA512

9275ee04cd8080096bfb8caaf6273e446cc36f572656d3b6686a3f6b78e801d16cb2c50218029c0bf6ac6e429b5a3978e0ea1fa1b7caf28f13938a00aac1e9b2
SSDEEP

1536:Nv6xraXVNCJFgJpg17079ilJ6iayoIYpT5fDe:NyxraXiJYi7e9oJF3oIYpTVDe

Score

8^/10

Office macro that triggers on suspicious action 1 IoCs

Office document macro which triggers in special circumstances - often malicious.

resource	yara_rule
static1/unpack001/27f6bc65250f3161df9c1d8fc9fe065c6b7eef0bb426d28dc97f21275e5f045e.xlsx	office_macro_on_action

27f6bc65250f3161df9c1d8fc9fe065c6b7eef0bb426d28dc97f21275e5f045e.zip
.zip

Password: infected
27f6bc65250f3161df9c1d8fc9fe065c6b7eef0bb426d28dc97f21275e5f045e.xlsx
.xls .xlsx windows office2003