31.0.0 Red Diamond
IR
321328
CloudBasic
20:59:01
20/11/2020
Complaint-Copy_1984632811_11102020.xls
defaultwindowsofficecookbook.jbs
Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
WINDOWS
3923517a84aa5cda58fec80a26dfbfac
96339ae67e0634cabaefe3a9f13b0dd29f128781
5958d4456b39343d02e0a90b156112ff2f42ab2f94fb453f722b8c4f1f91b1c4
Microsoft Excel sheet (30009/1) 78.94%
true
false
false
false
84
0
100
5
0
5
false
103.253.212.59
int.boogieapparel.co.id
false
103.253.212.59
Document exploit detected (UrlDownloadToFile)
Found abnormal large hidden Excel 4.0 Macro sheet
Yara detected hidden Macro 4.0 in Excel
Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Multi AV Scanner detection for submitted file
Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros)