Created 2021.03.18 17:01 Machine s1_win7_x6401
Filename Test.dotm
Type Zip archive data, at least v2.0 to extract
AI Score Not found Behavior Score
0.8
ZERO API file : clean
VT API (file) 26 detected (malicious, high confidence, EmoDldr, Save, Eldorado, gen87, Ole2, druvzi, MROF, ai score=81, score, Static AI, Suspicious OPENXML)
md5 451ea5275e3477ae373894a35627a9b3
sha256 df1e8e9c46971dd91ef1cedc8c78a4a2efb07dabd7e9dcff7e2206791379f469
ssdeep 384:JdTCZ3nZhb8mtxK3+42WJ/RR7BzGp2wCwBvhJBm:JN8nZ22WJnVJwrJBm
imphash
impfuzzy

Signature (1cnts)

Level Description
warning File has been identified by 26 AntiVirus engines on VirusTotal as malicious

Rules (1cnts)

Level Name Description Collection
warning Contains_VBA_macro_code Detect a MS Office document with embedded VBA macro code [binaries] binaries (upload)

Network (0cnts)
