31.0.0 Emerald
IR
355599
CloudBasic
02:06:08
20/02/2021
SecuriteInfo.com.Exploit.Siggen3.10350.27303.12062
defaultwindowsofficecookbook.jbs
Windows 7 x64 SP1 with Office 2010 SP2 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
WINDOWS
ad9550ee6ece8322501ed92d374d3928
d0617e5cb90b4db4fcf2269ffd8228b9ca4f89af
74423c8236cd5057af8e4ffbf84fdcbb34f5e6dc8f8dc0520c685c7fd6bc100a
Microsoft Excel sheet (30009/1) 78.94%
true
false
false
false
88
0
100
5
0
5
false
C:\Users\user\AppData\Local\Temp\3CCE0000
false
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Desktop.LNK
false
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\SecuriteInfo.com.Exploit.Siggen3.10350.27303.LNK
false
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat
false
C:\Users\user\Desktop\4FCE0000
false
185.81.0.78
chipmania.it
false
185.81.0.78
www.chipmania.it
false
unknown
Document exploit detected (UrlDownloadToFile)
Document exploit detected (process start blacklist hit)
Found Excel 4.0 Macro with suspicious formulas
Sigma detected: Microsoft Office Product Spawning Windows Shell
Antivirus detection for URL or domain
Found malicious Excel 4.0 Macro
Multi AV Scanner detection for submitted file
Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros)