Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6402 | Oct. 3, 2022, 1:19 p.m. | Oct. 3, 2022, 1:21 p.m. |
- WINWORD.EXE "C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" C:\Users\test22\AppData\Local\Temp\bodli.doc 2996
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
164.124.101.2 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
file | C:\Users\test22\AppData\Local\Temp\~$bodli.doc |
Lionic | Trojan.MSOffice.SAgent.4!c |
Elastic | malicious (high confidence) |
MicroWorld-eScan | Trojan.Jeki.2 |
FireEye | Trojan.Jeki.2 |
VIPRE | Trojan.Jeki.2 |
Sangfor | VBA.Sus.Obf |
Arcabit | HEUR.VBA.Trojan.d |
Cyren | ABRisk.XMKE-6 |
Symantec | CL.Downloader!gen73 |
ESET-NOD32 | a variant of VBA/TrojanDownloader.Agent.YEU |
Avast | Other:Malware-gen [Trj] |
Kaspersky | HEUR:Trojan.MSOffice.SAgent.gen |
BitDefender | Trojan.Jeki.2 |
Tencent | Heur.Macro.Generic.e.fba5f97f |
Ad-Aware | Trojan.Jeki.2 |
F-Secure | Malware.W97M/YAV.Minerva.kurjv |
McAfee-GW-Edition | BehavesLike.OLE2.Downloader.db |
Emsisoft | Trojan.Jeki.2 (B) |
SentinelOne | Static AI - Malicious OLE |
Detected | |
Avira | W97M/YAV.Minerva.kurjv |
Antiy-AVL | Trojan/MSOffice.SAgent.gen |
ZoneAlarm | HEUR:Trojan.MSOffice.SAgent.gen |
GData | Trojan.Jeki.2 |
Cynet | Malicious (score: 99) |
Acronis | suspicious |
ALYac | Trojan.Jeki.2 |
MAX | malware (ai score=89) |
Fortinet | VBA/Agent.YEU!tr |
AVG | Other:Malware-gen [Trj] |