Summary | ZeroBOX

Document 2519711.xls

VBA_macro MSOffice File
Category Machine Started Completed
FILE s1_win7_x6401 June 17, 2021, 10:49 a.m. June 17, 2021, 10:50 a.m.
Size 222.5KB
Type Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, Code page: 1252, Title: sourdeline scallywag, Subject: frumpiness ergographs, Author: magnetite distinction, Last Saved By: user, Name of Creating Application: Microsoft Excel, Last Printed: Wed Apr 21 12:08:24 2010, Create Time/Date: Thu Apr 13 21:48:14 2000, Last Saved Time/Date: Wed Jun 16 11:47:50 2021, Security: 0
MD5 c64202fc6e89fc1c49cde536894ed99d
SHA256 1e993ef7ee5f21b9f815ebf853b0bd40d3328a1bd6d680ffc3ace55e4bf73a89
CRC32 B119EF88
ssdeep 6144:wxEtjPOtioVjDGUU1qfDlavx+W2QnWxuX+Fayp3oITIvuTUFSW3EUvNx:wlFaMYITITIW06Nx
Yara
  • Contains_VBA_macro_code - Detect a MS Office document with embedded VBA macro code [binaries]
  • Microsoft_Office_File_Zero - Microsoft Office File

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Elastic malicious (high confidence)
FireEye VB:Trojan.Valyria.4710
McAfee RDN/GenericM
VIPRE LooksLike.Macro.Malware.gen!x1 (v)
Cyren X97M/Agent.WF.gen!Eldorado
BitDefender VB:Trojan.Valyria.4710
NANO-Antivirus Trojan.Ole2.Vbs-heuristic.druvzi
AegisLab Trojan.MSExcel.Valyria.4!c
MicroWorld-eScan VB:Trojan.Valyria.4710
Ad-Aware VB:Trojan.Valyria.4710
TrendMicro HEUR_VBA.OE
McAfee-GW-Edition BehavesLike.OLE2.Downloader.db
Emsisoft VB:Trojan.Valyria.4710 (B)
SentinelOne Static AI - Malicious OLE
GData VB:Trojan.Valyria.4710
MAX malware (ai score=80)
Microsoft Trojan:Win32/Dridex!ml
ALYac VB:Trojan.Valyria.4710
Zoner Probably Heur.W97Obfuscated
Rising Heur.Macro.Downloader.f (CLASSIC)
Fortinet VBA/Agent.WCP!tr.dldr