Report - ddd.xlsb

ZIP Format Excel Binary Workbook file format(xlsb)
ScreenShot
Created 2023.05.29 18:22 Machine s1_win7_x6401
Filename ddd.xlsb
Type Microsoft Excel 2007+
AI Score Not founds Behavior Score
1.8
ZERO API file : clean
VT API (file) 3 detected (CVE-2017-1188, Detected)
md5 0e65c589e0c6edffb3b305e7595a271b
sha256 83d171ffcf9f88d4e1408e34ef2829c849b90748e1b7b2da0679d6ee39cd958f
ssdeep 192:0TUa42Szpq9H5FEBPJ2Z3KmFOt+FnzKqiWlw0QSFMaxon0YSntQ:ZaHiBPJ2cEnz3lwduMaxon0i
imphash
impfuzzy
  Network IP location

Signature (4cnts)

Level Description
watch Communicates with host for which no DNS query was performed
notice Allocates read-write-execute memory (usually to unpack itself)
notice Creates hidden or system file
notice File has been identified by 3 AntiVirus engines on VirusTotal as malicious

Rules (2cnts)

Level Name Description Collection
info xlsb Excel Binary Workbook file format detection binaries (upload)
info zip_file_format ZIP file format binaries (upload)

Network (0cnts) ?

Request CC ASN Co IP4 Rule ? ZERO ?

Suricata ids



Similarity measure (PE file only) - Checking for service failure