29de0e63bae61e19db697dc57db08106cac85ad8b1c9a572378d4a66ee9bc977[.]zip

General

Target

29de0e63bae61e19db697dc57db08106cac85ad8b1c9a572378d4a66ee9bc977.zip
Size

14KB
MD5

e26a6196279fcf18e31f822d1b167573
SHA1

ed29e9ce2b0d8d20733d2b57dc58092cf30572ab
SHA256

29de0e63bae61e19db697dc57db08106cac85ad8b1c9a572378d4a66ee9bc977
SHA512

143384a57d680ce00c9b5f7dfcd52d170a2e4950a0b1caaf109f21d57f7511ea2c65d52bf7ed7f35196e657f91b174b602bc6cefbc78d0ba3c6e801f5bd5f973
SSDEEP

384:w9nyRkb5vGz2FdpVUUOAycrDXBeMULnm52jNJ2:wPAzi7VQMrB9jIjj2

Score

8^/10

Office macro that triggers on suspicious action 1 IoCs

Office document macro which triggers in special circumstances - often malicious.

resource	yara_rule
static1/unpack001/a1400765e9663e5d9371ec55bb1080e32213380239b695f101d9910d072268fa.doc	office_macro_on_action

Suspicious Office macro 1 IoCs

Office document equipped with macros.

resource
static1/unpack001/a1400765e9663e5d9371ec55bb1080e32213380239b695f101d9910d072268fa.doc

29de0e63bae61e19db697dc57db08106cac85ad8b1c9a572378d4a66ee9bc977.zip
.zip

Password: infected
a1400765e9663e5d9371ec55bb1080e32213380239b695f101d9910d072268fa.doc
.doc windows office2003

ThisDocument

NewMacros