Behavioral task
behavioral1
Sample
7fb4306a36b61be977dfc6f56443542c9d70273bb97b55d5049cd86608aa0f68.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
7fb4306a36b61be977dfc6f56443542c9d70273bb97b55d5049cd86608aa0f68.doc
Resource
win10v2004-20240508-en
General
-
Target
sample.doc.zip
-
Size
20KB
-
MD5
16350ba498a0109c503019f5908d7496
-
SHA1
7e643aa80df9a47eb32e0e24cc3799136f4d01a4
-
SHA256
a4f19c72cd595cc92f4669ebd5dc026506ff8d5c7e5260635c1beb1d6d65ff3e
-
SHA512
92d4f4d3198a45ce6852488cc99ffbcb4028619d289b23f6259a84a172c4405a1b2448e44cf238847ddc74c4ad6bbaa70e2e02fcdb4ffb047044c70dbe690a92
-
SSDEEP
384:fZYhcralCJkFhOlKhYZGQT6tR0Q6ab2KoWAxrNg8A022/7Cxsygk3W4Gz7xn:S+mlCJkFu0iTqRfBbFGr8037IrrM/5
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
resource yara_rule static1/unpack001/7fb4306a36b61be977dfc6f56443542c9d70273bb97b55d5049cd86608aa0f68.doc office_macro_on_action -
resource static1/unpack001/7fb4306a36b61be977dfc6f56443542c9d70273bb97b55d5049cd86608aa0f68.doc
Files
-
sample.doc.zip.zip
Password: infected
-
7fb4306a36b61be977dfc6f56443542c9d70273bb97b55d5049cd86608aa0f68.doc.doc windows office2003
ThisDocument
NewMacros
ThisDocument
NewMacros