Sample Name: | SecuriteInfo.com.Macro.Trojan-Downloader.Encrypted.A.10025 (renamed file extension from 10025 to xls) |
Analysis ID: | 320546 |
MD5: | 66de86a7d9ba80c175fe166a81d25c4d |
SHA1: | 8c0dcef8ad7aeb1e77bc8a18f19d270af61c94e3 |
SHA256: | bc3b0df0a90971d83f87af531671216d238ce21b6272aa2758b178cbb1320276 |
Most interesting Screenshot: |
Score: | 20 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
System Summary: |
---|
Unable to load, office file is protected or invalid |
Source: |
Window title found: |
Source: |
Classification label: |
Source: |
File created: |
Jump to behavior |
Source: |
OLE indicator, Workbook stream: |
Source: |
File read: |
Jump to behavior |
Source: |
Window detected: |
Source: |
Key opened: |
Jump to behavior |
Source: |
File opened: |
Jump to behavior |
Source: |
Initial sample: |
Source: |
Initial sample: |
Source: |
Process information set: |
Jump to behavior | ||
Source: |
Process information set: |
Jump to behavior | ||
Source: |
Process information set: |
Jump to behavior |
HIPS / PFW / Operating System Protection Evasion: |
---|
Yara detected password protected xls with embedded macros |
Source: |
File source: |
No contacted IP infos |
---|