Simple Malicious Doc Analyst

Hi,

In October, we have received a strange file. This file is zipped with passwords. When we decompress file, TrendMicro engines is triggered and alerts that this is a strange file.

So I tried to inspect this file. First information:

File name: DAT 6021.doc

SHA256 : FBA41FDD9A1E8B12844D2ED37A39199DBBC262040AF00488032CA8DD37D99AF8

SHA1:783A12021EB09E34B5E8C5670D9C3F475B420CA8

I tried to analyze with Virustotal and 38/64 engines detected this file as…