Report - docx007.docx

VBA_macro Word 2007 file format(docx) ZIP Format
ScreenShot
Created 2024.11.26 09:51 Machine s1_win7_x6401
Filename docx007.docx
Type Microsoft Word 2007+
AI Score Not founds Behavior Score
2.2
ZERO API file : clean
VT API (file) 34 detected (Malicious, score, Valyria, PowerShell, high confidence, DONOFF, USBLK524, Ole2, druvzi, VBA@AI, MRADQ, docx, Highly Suspicious, Eldorado, MDRP, OMacro, Kryptik)
md5 1f9d2be9980612244c80cbe9767d44e6
sha256 9b24e36885da1e4240c61dd91fbd847010e3586027eac940a2ecc7d8b55f3eef
ssdeep 384:AiQG4uaC78i2plNSFI+rvxYrcePhjAMx+EMIEkQM8q650J9DGxudCWTvVQ:AK8ieSFpxYQeP6MukgNwhGUdvQ
imphash
impfuzzy
  Network IP location

Signature (4cnts)

Level Description
danger File has been identified by 34 AntiVirus engines on VirusTotal as malicious
notice Creates (office) documents on the filesystem
notice Creates hidden or system file
notice Word document hooks document open

Rules (4cnts)

Level Name Description Collection
warning Contains_VBA_macro_code Detect a MS Office document with embedded VBA macro code [binaries] binaries (upload)
info docx Word 2007 file format detection binaries (upload)
info zip_file_format ZIP file format binaries (upload)
info test_office test url scripts

Network (0cnts) ?

Request CC ASN Co IP4 Rule ? ZERO ?

Suricata ids



Similarity measure (PE file only) - Checking for service failure