ScreenShot
| Created | 2021.05.10 12:21 | Machine | s1_win7_x6401 |
| Filename | BankStatement009810.xlsb | ||
| Type | Microsoft Excel 2007+ | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : malware | ||
| VT API (file) | 27 detected (GenericKD, Save, Maldoc, ali1000107, QHKX, VSNW06E21, dslept, SLoad, AMGM, Malicious, score, CLASSIC) | ||
| md5 | 4bedb6631269e591cdfe5c981cd4d219 | ||
| sha256 | bfb37c9adc809e880f56dd10898b5425242330d6e2fa69e014a98e6dc18ce416 | ||
| ssdeep | 768:guw9cBgYk0NlERTI3cTVMnY6ddvxzVswdpb:gp990NlMTI3cTUPvxyipb | ||
| imphash | |||
| impfuzzy | |||
Network IP location
Signature (5cnts)
| Level | Description |
|---|---|
| danger | Office document performs HTTP request (possibly to download malware) |
| warning | File has been identified by 27 AntiVirus engines on VirusTotal as malicious |
| watch | Creates suspicious VBA object |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Creates hidden or system file |
Rules (1cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Contains_VBA_macro_code | Detect a MS Office document with embedded VBA macro code [binaries] | binaries (upload) |
