Created | 2021.05.19 13:49 | Machine | s1_win7_x6401 |
Filename | embedded-empire-xls.docx | ||
Type | Microsoft Word 2007+ | ||
AI Score | Not found | Behavior Score | |
ZERO API | file : malware | ||
VT API (file) | 34 detected (PwShell, PowerShell, Obfuscation, UYHU, a variant of Generik, MRTBRXU, inbiqr, Macrov, Ahyl, BadShell, XSN@7pmib7, MRSQ, modification of W97M, Malicious, score, ai score=81, CLASSIC, Static AI, Suspicious OPENXML) | ||
md5 | 78676b31e396f912739664c3154f5169 | ||
sha256 | 15e817f764c157e948451b6c98af0141cf8aba4039e19c16e5aeb25ebac12283 | ||
ssdeep | 768:/DPBHe/RfbPH//WBChEa2oFBoWqNmiPvkN884pPj3S:785Tf2C3FBoWq8iPvkN88mPLS | ||
imphash | |||
impfuzzy |
Signature (5cnts)
Level | Description |
---|---|
danger | File has been identified by 34 AntiVirus engines on VirusTotal as malicious |
watch | Libraries known to be associated with a CVE were requested (may be False Positive) |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Creates (office) documents on the filesystem |
notice | Creates hidden or system file |
Rules (1cnts)
Level | Name | Description | Collection |
---|---|---|---|
info | test_office | test url | scripts |
Network (0cnts)
Request | CC | ASN Co | IP4 | Rule | ZERO |
---|---|---|---|---|---|