Loading ...

Play interactive tourEdit tour

Analysis Report Complaint-1091191320-02182021.xls

Overview

General Information

Sample Name:Complaint-1091191320-02182021.xls
Analysis ID:356327
MD5:da47abb08bf5ab8ccd6dde8b8395585d
SHA1:f4ffc845ceb85dee839ac85228ff410d9a01bd33
SHA256:91b4e89cdfe2e0d0f29642b21d4035ee4201f99e24e5ec841d4c8bb73547cd78

Most interesting Screenshot:

Detection

Hidden Macro 4.0
Score:88
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for URL or domain
Found malicious Excel 4.0 Macro
Multi AV Scanner detection for submitted file
Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros)
Document exploit detected (UrlDownloadToFile)
Document exploit detected (process start blacklist hit)
Found Excel 4.0 Macro with suspicious formulas
Sigma detected: Microsoft Office Product Spawning Windows Shell
Document contains embedded VBA macros
IP address seen in connection with other malware
Potential document exploit detected (performs DNS queries)
Potential document exploit detected (performs HTTP gets)
Potential document exploit detected (unknown TCP traffic)
Uses a known web browser user agent for HTTP communication
Yara signature match

Classification