Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
Score: 64
|
System: Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
|
|
|
malicious
Score: 64
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run Condition: Potential for more IOCs and behavior
|
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Temp\~DFF64F3F47A5725C9A.TMP |
Composite Document File V2 Document, Cannot read section info | # | |
C:\Users\user\AppData\Local\Temp\~DF23E789C223CE7F7B.TMP |
data | # | |
C:\Users\user\AppData\Local\Temp\~DF28FBF22284A5B139.TMP |
data | # | |
Click to see the 11 hidden entries | |||
C:\Users\user\AppData\Local\Temp\~DF362AD5CB9CB152F7.TMP |
data | # | |
C:\Users\user\AppData\Local\Temp\~DF4527151DCDBAA200.TMP |
data | # | |
C:\Users\user\AppData\Local\Temp\~DF720F595F6C8E4C8E.TMP |
data | # | |
C:\Users\user\AppData\Local\Temp\~DF740AB3E24B9A2D46.TMP |
data | # | |
C:\Users\user\AppData\Local\Temp\~DF827CFBD4FFBE378D.TMP |
data | # | |
C:\Users\user\AppData\Local\Temp\~DFA98B7F78D7D35817.TMP |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\SecuriteInfo.com.Exploit.CVE-2017-11882.123.29721.1282.LNK |
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Tue Mar 8 15:45:51 2022, mtime=Tue Mar 8 15:45:51 2022, atime=Fri Nov 25 02:48:08 2022, length=910336, window=hide | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat |
Generic INItialization configuration [doc] | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\~$Normal.dotm |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\UProof\ExcludeDictionaryEN0409.lex |
Unicode text, UTF-16, little-endian text, with no line terminators | # | |
C:\Users\user\Desktop\~$curiteInfo.com.Exploit.CVE-2017-11882.123.29721.1282.doc |
data | # |