Summary | ZeroBOX

RFQQ.ppt

VBA_macro Generic Malware MSOffice File
Category FILE
Machine s1_win7_x6402
Started Sept. 25, 2021, 5:19 p.m.
Completed Sept. 25, 2021, 5:21 p.m.
Size 64.0KB
Type Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, Code page: 1252, Title: Joe Security LLC;, Subject: Joe Security LLC;, Author: Joe Security LLC, Keywords: Joe Security LLC, Last Saved By: Master Mana, Revision Number: 4, Name of Creating Application: Microsoft Office PowerPoint, Total Editing Time: 05:07, Create Time/Date: Fri Sep 24 03:10:04 2021, Last Saved Time/Date: Fri Sep 24 03:15:11 2021, Number of Words: 0
MD5 a3b289f75249284dc08633c2d766c682
SHA256 879dbb71acda37fd901b17140dc7e0a2dd7eac143d04031a9f1b01c06aa5bd4a
CRC32 4513F1A6
ssdeep 384:CTcrKmpFF4dQM4INXKUC7/OzwqM83HcrkdYFQE57clFo39D:tKWD4dwOzw+3akT6cjo
Yara
  • Contains_VBA_macro_code - Detect a MS Office document with embedded VBA macro code [binaries]
  • Generic_Malware_Zero - Generic Malware
  • Microsoft_Office_File_Zero - Microsoft Office File

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Lionic Trojan.Script.Generic.a!c
McAfee W97M/Downloader.doj
Arcabit VBA:Logan.D753
Cyren PP97M/Agent.ADF.gen!Eldorado
Symantec W97M.Downloader
ESET-NOD32 VBA/TrojanDownloader.Agent.WQU
Kaspersky HEUR:Trojan-Downloader.Script.Generic
BitDefender VBA:Logan.1875
NANO-Antivirus Trojan.Ole2.Vbs-heuristic.druvzi
MicroWorld-eScan VBA:Logan.1875
Ad-Aware VBA:Logan.1875
Emsisoft VBA:Logan.1875 (B)
McAfee-GW-Edition W97M/Downloader.doj
FireEye VBA:Logan.1875
MAX malware (ai score=81)
GData VBA:Logan.1875
ALYac VBA:Logan.1875
Fortinet VBA/Agent.KKK!tr