General
-
Target
ec484cd56b4830a8ba786c982464ee4c.bin
-
Size
686KB
-
MD5
0c643d97b3d35f7ce19de1e9d9aa737f
-
SHA1
e8f00833b70d12f2658dbbc6aff5f1a5a41c6a65
-
SHA256
bcc99c6870c06a22c1b45ec374ba5b84a65e7011818df5feaf21a6c241da6660
-
SHA512
53b8932b9159f2bd568a100f5a7e2c8e40c2613cf51220fd7fe71a0681e7ce2e1d868eb8f8befbd01cb73b399d9fd89ecd58703a60ab3ebc97a0ba75fab4522a
-
SSDEEP
12288:TnKsc7s1FlFvzvi2m0HDSCvs0UnV5lkmh9bkWA4516UhyTNgC1mA8D9ko+AfpUd2:TntcklFbky2CU0UnJrPAGnc7V8xko+Ap
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
-
Suspicious Office macro 1 IoCs
Office document equipped with macros.
Files
-
ec484cd56b4830a8ba786c982464ee4c.bin
Password: infected
-
986f079a4cfbf1a1de688c8853a0100f5b1178f734d6af75cbd97276e175b800.xls
ThisDocument
ExtCollection
frmAbout
frmConfigTables
frmEditVariables
frmHelpID
frmMedTraceSettings
frmReqKey
frmReqRea
frmRiskEvaluation
frmUpdateFieldError
mbReqKeyReqRea
mbCommandBar
mbConfigTables
mbCoverPage
WordWrapper
mbCV_RiskEvaluation
mbEditVariables
ViewResetter
mbWindowsAPI
mbGlobalFunctions
mbHelpID
mbFunctions
mbImportData
mbInitDocument
mbReviewReport
mbCV_RiskClass
mbUpdateFields
mbCodeReview
mbNormal
mbReviewReport1
mbMedTraceOutput
mbProperties
mbSortTorAndTorr
mbUncName
mbGlobalDefinitions
mbHelpLinks
mbInsert
mbMenus
mbLandscape