Summary | ZeroBOX

TYV6YAYWOPEKI61Y.docx

Word 2007 file format(docx) ZIP Format
Category FILE
Machine s1_win7_x6402
Started May 17, 2023, 6:18 p.m.
Completed May 17, 2023, 6:21 p.m.
Size 61.9KB
Type Zip archive data, at least v2.0 to extract
MD5 7dc2e663d849526f6aca2e62f8eb0cc8
SHA256 3cec90a18d94fffaabe0f33faf493ec34217e293d9037991f11c2293e15ca3f7
CRC32 62127C86
ssdeep 1536:NVdpLYAeuSgXA5e/FxJPM86Kc4cinkKvRN/rkw4I1Q2:lLQ5kM86KNcink8Rh8iH
Yara
  • zip_file_format - ZIP file format
  • docx - Word 2007 file format detection

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address 164.124.101.2
Status Active
Action Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

file C:\Users\test22\AppData\Local\Temp\~$V6YAYWOPEKI61Y.docx
Time & API Arguments Status Return Repeated

NtCreateFile

create_disposition: 5 (FILE_OVERWRITE_IF)
file_handle: 0x00000454
filepath: C:\Users\test22\AppData\Local\Temp\~$V6YAYWOPEKI61Y.docx
desired_access: 0x40100080 (FILE_READ_ATTRIBUTES|SYNCHRONIZE|GENERIC_WRITE)
file_attributes: 2 (FILE_ATTRIBUTE_HIDDEN)
filepath_r: \??\C:\Users\test22\AppData\Local\Temp\~$V6YAYWOPEKI61Y.docx
create_options: 4194400 (FILE_NON_DIRECTORY_FILE|FILE_SYNCHRONOUS_IO_NONALERT)
status_info: 2 (FILE_CREATED)
share_access: 0 ()
Status: 1, Return: 0, Repeated: 0