General
Target
f0527baa18840468e00ad940ecefb4b677aaafb9e07bdceaae76d9d93a03bb0a
Size
17.3MB
MD5
c2d15ba62916048cdb4e2f9166ae5a57
SHA1
b556fc7fedaaea945f1a7a58d78237daec4eba0b
SHA256
f0527baa18840468e00ad940ecefb4b677aaafb9e07bdceaae76d9d93a03bb0a
SHA512
c78247b47454973750bcf9e6a107e6c6f9cbab21f67e91246989a2f62946032082d6fcced830e7a75173927361799d4be364094a56650468d1f18718491ccab8
SSDEEP
393216:MR1CF0RottdMl42ROCKKjVpUq38yh0ChhNhshTFY3GZvrwbPQ+fShehMn5RKj1lX:85ROCKjqV1lX
Score
10/10
Malware Config
Extracted
Family
gozi
Signatures
Gozi family
Office macro that triggers on suspicious action (1 IoC)
Office document macro which triggers in special circumstances - often malicious.
resource: sample; yara_rule: office_macro_on_action
Files
f0527baa18840468e00ad940ecefb4b677aaafb9e07bdceaae76d9d93a03bb0a