Loading ...

Play interactive tourEdit tour

Analysis Report document-1019153116.xls

Overview

General Information

Sample Name:document-1019153116.xls
Analysis ID:355906
MD5:948a7b1bc28afb293a7f3fe933e11b83
SHA1:8f858737a636e731b1b1220fd80d3234052fdf98
SHA256:4e657cfccf1d18b8166a8adb446bf8cf82e4ad20c178689c3cb872ca1b059092
Tags:SilentBuilderxls

Most interesting Screenshot:

Detection

Hidden Macro 4.0
Score:76
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for submitted file
Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros)
Document exploit detected (UrlDownloadToFile)
Document exploit detected (process start blacklist hit)
Found Excel 4.0 Macro with suspicious formulas
Sigma detected: Microsoft Office Product Spawning Windows Shell
Yara detected hidden Macro 4.0 in Excel
Document contains embedded VBA macros
Potential document exploit detected (performs DNS queries)
Potential document exploit detected (performs HTTP gets)
Potential document exploit detected (unknown TCP traffic)
Yara signature match

Classification