Loading ...

Play interactive tourEdit tour

Analysis Report document-1900770373.xls

Overview

General Information

Sample Name:document-1900770373.xls
Analysis ID:355743
MD5:139a10b28479f4f9e2e4465053e039f8
SHA1:10251eb69e603ed7259265015b71b1160e3b4a06
SHA256:ed17094f3e820674c9fa18192292108e8766d28eb0afcc0cf350a44b54196c1d
Tags:xls

Most interesting Screenshot:

Detection

Hidden Macro 4.0
Score:88
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for URL or domain
Found malicious Excel 4.0 Macro
Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros)
Document exploit detected (UrlDownloadToFile)
Document exploit detected (process start blacklist hit)
Found Excel 4.0 Macro with suspicious formulas
Found abnormal large hidden Excel 4.0 Macro sheet
Sigma detected: Microsoft Office Product Spawning Windows Shell
Yara detected hidden Macro 4.0 in Excel
Document contains embedded VBA macros
JA3 SSL client fingerprint seen in connection with other malware
Potential document exploit detected (performs DNS queries)
Potential document exploit detected (performs HTTP gets)
Potential document exploit detected (unknown TCP traffic)
Yara signature match

Classification