Report - 34b53cd683f60800ac4057d25b24d8f083f759d024d22b4e5f2a464bc85de65a

Word 2007 file format(docx)

ScreenShot

Info
Location map


Created	2021.09.30 16:36	Machine	s1_win7_x6401
Filename	34b53cd683f60800ac4057d25b24d8f083f759d024d22b4e5f2a464bc85de65a
Type	Zip archive data, at least v1.0 to extract
AI Score	Not founds	Behavior Score	2.0
ZERO API	file : clean
VT API (file)	26 detected (CVE-2018-0802, Hacktool, MSOfficeWord, GenericKDS, 0NA103I319, CVE-2017-0199, equmby, Artemis, GenericS, ai score=80, Probably Heur, W97OleLink)
md5	02c2a68ce9a35f5f0e1b3456e09d6cc9
sha256	34b53cd683f60800ac4057d25b24d8f083f759d024d22b4e5f2a464bc85de65a
ssdeep	192:kq9XfpWycU3VyWYWCByCM0rzaGehWIgbKu5v4/A8jf:k0XfXCByirghWIsK+v4jjf
imphash
impfuzzy

Network IP location

Signature (4cnts)

Level	Description
warning	File has been identified by 26 AntiVirus engines on VirusTotal as malicious
notice	Allocates read-write-execute memory (usually to unpack itself)
notice	Creates hidden or system file
notice	Performs some HTTP requests

Rules (1cnts)

Level	Name	Description	Collection
info	docx	Word 2007 file format detection	binaries (upload)

Network (4cnts) ?

Request	CC	ASN Co	IP4	Rule ?	ZERO ?
http://maq.com.pk/ whois		Commission on Science and Technology for	203.124.43.227		clean
http://maq.com.pk/wehsd whois		Commission on Science and Technology for	203.124.43.227		mailcious
maq.com.pk whois		Commission on Science and Technology for	203.124.43.227		mailcious
203.124.43.227 whois		Commission on Science and Technology for	203.124.43.227		mailcious

Suricata ids

Similarity measure (PE file only) - Checking for service failure