ScreenShot
| Created | 2021.09.15 09:39 | Machine | s1_win7_x6401 |
| Filename | Invoice1.docx | ||
| Type | Microsoft OOXML | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : malware | ||
| VT API (file) | 23 detected (CVE-2021-4044, CVE-2017-0199, equmby, CLASSIC, CVE2021, ai score=84, Donoff) | ||
| md5 | 9021afcfefe0fd391eacd306de705448 | ||
| sha256 | 54d26a878e217bc7548eecbd70fdf8fcd22806e32b3d86fd7a45916d0f4e9243 | ||
| ssdeep | 768:HRgb/iFmhxEr83RGShdXbmgo+nWIgkKl4j3d80JsSPLWLlDw+8t+ARY8:xsgca8csmgo+twuj3dfJ5o8tz | ||
| imphash | |||
| impfuzzy | |||
Network IP location
Signature (6cnts)
| Level | Description |
|---|---|
| warning | File has been identified by 23 AntiVirus engines on VirusTotal as malicious |
| watch | Libraries known to be associated with a CVE were requested (may be False Positive) |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Creates (office) documents on the filesystem |
| notice | Creates hidden or system file |
| notice | Performs some HTTP requests |
Rules (1cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| info | docx | Word 2007 file format detection | binaries (upload) |
