ScreenShot
Created | 2021.05.10 12:21 | Machine | s1_win7_x6401 |
Filename | BankStatement009810.xlsb | ||
Type | Microsoft Excel 2007+ | ||
AI Score | Not founds | Behavior Score |
|
ZERO API | file : malware | ||
VT API (file) | 27 detected (GenericKD, Save, Maldoc, ali1000107, QHKX, VSNW06E21, dslept, SLoad, AMGM, Malicious, score, CLASSIC) | ||
md5 | 4bedb6631269e591cdfe5c981cd4d219 | ||
sha256 | bfb37c9adc809e880f56dd10898b5425242330d6e2fa69e014a98e6dc18ce416 | ||
ssdeep | 768:guw9cBgYk0NlERTI3cTVMnY6ddvxzVswdpb:gp990NlMTI3cTUPvxyipb | ||
imphash | |||
impfuzzy |
Network IP location
Signature (5cnts)
Level | Description |
---|---|
danger | Office document performs HTTP request (possibly to download malware) |
warning | File has been identified by 27 AntiVirus engines on VirusTotal as malicious |
watch | Creates suspicious VBA object |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Creates hidden or system file |
Rules (1cnts)
Level | Name | Description | Collection |
---|---|---|---|
warning | Contains_VBA_macro_code | Detect a MS Office document with embedded VBA macro code [binaries] | binaries (upload) |