Simple Malicious Doc Analysis


In October, we received a strange file. The file was zipped and password-protected. When we decompressed it, the TrendMicro engine was triggered and alerted that this was a strange file.

So I tried to inspect this file. Initial information:

File name: DAT 6021.doc

SHA256: FBA41FDD9A1E8B12844D2ED37A39199DBBC262040AF00488032CA8DD37D99AF8


I tried to analyze it with VirusTotal, and 38/64 engines detected this file as…