ScreenShot
| Created | 2021.04.17 09:13 | Machine | s1_win7_x6401 |
| Filename | 2021 데이터기반 미래전망 연구_(평화안보).doc | ||
| Type | Microsoft Word 2007+ | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 29 detected (GenericKD, Stratos, gen433, Ole2, druvzi, kottx, Malicious, score, ai score=100, Probably Heur, W97Obfuscated, Static AI, Malicious OPENXML) | ||
| md5 | 6a614ca002c5b3a4d7023faffc0546e1 | ||
| sha256 | 7a8ef8f67bfb698ee7e3cfc0b891e4a35cac8be50f01cb22838616e9a80e956d | ||
| ssdeep | 768:hkH2djFcaERJvHb38SSI8qEkthdw8tZlBGYWlaIiYwaoViVVJyFzK/Bl8Aesm/UU:hko6asDsBqEkRylfiYwaTVCFzM83/UU | ||
| imphash | |||
| impfuzzy | |||
Network IP location
Signature (4cnts)
| Level | Description |
|---|---|
| warning | File has been identified by 29 AntiVirus engines on VirusTotal as malicious |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Creates (office) documents on the filesystem |
| notice | Creates hidden or system file |
Rules (2cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Contains_VBA_macro_code | Detect a MS Office document with embedded VBA macro code [binaries] | binaries (upload) |
| info | test_office | test url | scripts |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|