Summary | ZeroBOX

9d8aa271.png

MSOffice File
Category FILE
Machine s1_win7_x6401
Started June 24, 2021, 7:30 p.m.
Completed June 24, 2021, 8:20 p.m.
Size 1.4MB
Type Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Last Printed: Fri Dec 11 11:47:44 2009, Create Time/Date: Fri Dec 11 11:47:44 2009, Last Saved Time/Date: Fri Dec 11 11:47:44 2009, Security: 0, Code page: 936, Revision Number: {95E24524-43AE-46AD-9A0C-D6CB394C5907}, Number of Words: 2, Subject: F4RaF, Author: F4RaF, Name of Creating Application: Advanced Installer 16.5 build 8df7ad95, Template: ;2052, Title: Installation Database, Keywords: Installer, MSI, Database, Number of Pages: 200
MD5 7a72d5e6044805ea4d2f37bdbdc0ab2d
SHA256 34159049a92a5849bc9c11bd8ed4411aa5f5ecac4a80ddc2cc9f5df22980c1ec
CRC32 42B4D13A
ssdeep 24576:KUuDXXNGj04BMeRocDP1Nz4lDhkPTG4Mcgiwkew8vroUQGDXDNSnf6BlMRUT:KdXdJi5oo+FeBRSw8vlQIzNSnf6y4
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

FireEye Gen:Variant.Bulz.446252
CAT-QuickHeal Trojan.Agentb
McAfee RDN/Generic.com
Zillya Trojan.Convagent.Win32.3606
Sangfor Trojan.Win32.Save.a
Cyren W32/Trojan.ESOV-9193
Symantec ML.Attribute.HighConfidence
ESET-NOD32 multiple detections
TrendMicro-HouseCall TrojanSpy.Win64.NOON.UHBAZCLOC
Avast Other:Malware-gen [Trj]
ClamAV Win.Trojan.Bulz-9863763-0
Kaspersky Trojan.Win32.Agentb.kkyd
BitDefender Gen:Variant.Bulz.446252
NANO-Antivirus Trojan.Win32.Black.ivcpha
AegisLab Trojan.Win32.Agentb.4!c
Tencent Win32.Trojan.Agentb.Ajbu
Emsisoft Gen:Variant.Bulz.446252 (B)
DrWeb Trojan.Packed2.43111
TrendMicro TROJ_GEN.R002C0PFG21
McAfee-GW-Edition RDN/Generic.com
Sophos Mal/Generic-R
Ikarus Trojan.Win32.VMProtect
Avira TR/VB.Agent.lwxir
Antiy-AVL Trojan/Generic.ASMalwS.32EA3E1
Kingsoft Win32.Troj.Generic.a.(kcloud)
Microsoft Trojan:Win32/Tiggre!rfn
GData Script.Trojan.PurpleFox.D
Cynet Malicious (score: 99)
BitDefenderTheta Gen:NN.ZedlaF.34758.rG4@aWpFvhd
MAX malware (ai score=87)
VBA32 TScope.Malware-Cryptor.SB
Rising Trojan.PurpleFox/MSI!1.D10D (CLASSIC)
Fortinet W32/PossibleThreat
AVG Other:Malware-gen [Trj]