ScreenShot
| Created | 2021.03.18 17:01 | Machine | s1_win7_x6401 |
| Filename | Test.dotm | ||
| Type | Zip archive data, at least v2.0 to extract | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 26 detected (malicious, high confidence, EmoDldr, Save, Eldorado, gen87, Ole2, druvzi, MROF, ai score=81, score, Static AI, Suspicious OPENXML) | ||
| md5 | 451ea5275e3477ae373894a35627a9b3 | ||
| sha256 | df1e8e9c46971dd91ef1cedc8c78a4a2efb07dabd7e9dcff7e2206791379f469 | ||
| ssdeep | 384:JdTCZ3nZhb8mtxK3+42WJ/RR7BzGp2wCwBvhJBm:JN8nZ22WJnVJwrJBm | ||
| imphash | |||
| impfuzzy | |||
Network IP location
Signature (1cnts)
| Level | Description |
|---|---|
| warning | File has been identified by 26 AntiVirus engines on VirusTotal as malicious |
Rules (1cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Contains_VBA_macro_code | Detect a MS Office document with embedded VBA macro code [binaries] | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|