ScreenShot
| Created | 2021.10.28 09:29 | Machine | s1_win7_x6402 |
| Filename | 1.xls | ||
| Type | Microsoft Excel 2007+ | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 25 detected (SLoad, malicious, high confidence, GenericKD, gen87, a variant of Generik, GCDOHAC, Ole2, druvzi, Macrov, Pfte, IZNZ5A, MRKI, Obfuse, score, ai score=89) | ||
| md5 | b1de71a7369b8398d18708df20890588 | ||
| sha256 | 83faecbef924ffbcce0c8939e5b9b4c453699df1cbbebaf11bdb43e8fa42d63e | ||
| ssdeep | 768:snpoHrkdP32KMgh4p352TRd4i+oufgh8MUpk6TkVQiW:snOHrOPGKbh4X2TDz+ouIGMUpk64Oj | ||
| imphash | |||
| impfuzzy | |||
Network IP location
Signature (9cnts)
| Level | Description |
|---|---|
| warning | File has been identified by 25 AntiVirus engines on VirusTotal as malicious |
| watch | Disables proxy possibly for traffic interception |
| watch | Modifies proxy override settings possibly for traffic interception |
| watch | One or more non-whitelisted processes were created |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Creates (office) documents on the filesystem |
| notice | Creates a suspicious process |
| notice | Creates hidden or system file |
| info | Checks amount of memory in system |
Rules (0cnts)
| Level | Name | Description | Collection |
|---|
