Overview

overview

8

Static

static

8

49dd56c310...18.doc

windows7-x64

7

49dd56c310...18.doc

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    49dd56c310a199d6b4096bef5b5bbeb1_JaffaCakes118

  • Size

    238KB

  • MD5

    49dd56c310a199d6b4096bef5b5bbeb1

  • SHA1

    984c94010cbc533d845be3a4605e4e19cde2f180

  • SHA256

    cb11a4da225eef5bfe2e93335d109c53d0ba2ef8d5b7998e052dcfbafb3746ea

  • SHA512

    2779682ead62b84585a485071007ad6172fea8333af77b8e47ee763349ed2adf4217c6e1d9a8989a1aa58bfdd73c1e5c21d5dbf337208d9d1a62afa6cf99931e

  • SSDEEP

    3072:G/wDvWETOgnHJcIKBs7A4dSotTyhH+KTi6wc1:G/avWETrHJ9AUUETO1

Score
8/10
macromacro_on_action

Malware Config

Signatures

  • Office macro that triggers on suspicious action 1 IoCs

    Office document macro which triggers in special circumstances - often malicious.

    macromacro_on_action
  • Suspicious Office macro 1 IoCs

    Office document equipped with macros.

    macro

Files

  • 49dd56c310a199d6b4096bef5b5bbeb1_JaffaCakes118
    .doc .eml office polyglot

    ThisDocument

    UserForm1

    UserForm2

    UserForm3

    UserForm4

    UserForm5