Overview

overview

8

Static

static

8

789484fcbf...18.doc

windows7-x64

7

789484fcbf...18.doc

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    789484fcbfc5fc1a5b93b6d22a1a5da3_JaffaCakes118

  • Size

    241KB

  • MD5

    789484fcbfc5fc1a5b93b6d22a1a5da3

  • SHA1

    2636664263abdecf15a17e55c68e75a1a2805c86

  • SHA256

    6f967c9a2ffdcd3c92f5a7fbe5eed835341c4dbd359a5f88dd37f26c8ee71772

  • SHA512

    e848d67ec15ea4bf5e148afd5e3100b0d08abbe4c544045c3daf8f3e24017e3b1065478260c2cec48e21676a0087e11b7c03e1c5e107a76e0b9cd3f6ea5df092

  • SSDEEP

    1536:qterTkw9HnXPJguq73/IKB5Kby0gOuHrTPuyvK/dRYjMYrWhtevmHazZkeS:qvw9HXPJguq73/IKBWybgdSjYuv5S

Score
8/10
macromacro_on_action

Malware Config

Signatures

  • Office macro that triggers on suspicious action 1 IoCs

    Office document macro which triggers in special circumstances - often malicious.

    macromacro_on_action
  • Suspicious Office macro 1 IoCs

    Office document equipped with macros.

    macro

Files

  • 789484fcbfc5fc1a5b93b6d22a1a5da3_JaffaCakes118
    .doc .eml office polyglot

    ThisDocument

    UserForm1

    UserForm2

    UserForm3

    UserForm4

    UserForm5