Report - kelz - Copy.doc

Antivirus

ScreenShot

Info
Location map


Created	2021.11.09 18:37	Machine	s1_win7_x6402
Filename	kelz - Copy.doc
Type	HTML document, ASCII text, with very long lines, with CRLF line terminators
AI Score	Not founds	Behavior Score	0.4
ZERO API	file : clean
VT API (file)	5 detected (ExpKit, glpzog, FNA@7szsrx, Kryptik, Probably Heur, HTMLUnescape)
md5	ee0c66256bd071a3471927903188b878
sha256	7e6a6961de04f54980aa5db074c5fc1f7ef6b6da4b109f2bc3f3a8448bd716fb
ssdeep	48:7oaf6ebf8Ns17tuyovybID2B0bM9323fUwRXrosIikV/HKiP7TtZliyJY+GP76y5:EaSebf8a17tudvMi2B0bM9323fUibmZ2
imphash
impfuzzy

Network IP location

Signature (1cnts)

Level	Description
notice	File has been identified by 5 AntiVirus engines on VirusTotal as malicious

Rules (1cnts)

Level	Name	Description	Collection
watch	Antivirus	Contains references to security software	binaries (upload)

Network (0cnts) ?

Request	CC	ASN Co	IP4	Rule ?	ZERO ?

Suricata ids

Similarity measure (PE file only) - Checking for service failure