31.0.0 Emerald
IR
380316
CloudBasic
21:38:10
01/04/2021
91476525608-04012021.xlsm
defaultwindowsofficecookbook.jbs
Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
WINDOWS
e8d0244666daf465e9914a7f56938412
3c5f71752b0cea18b06dfad9a96cdfeb053f45cc
196668480754f95f98c6e59d4776e4f8c756ad3be9fd48a27cfcb50be329567e
Excel Microsoft Office Open XML Format document with Macro (57504/1) 54.50%
true
false
false
false
84
0
100
5
0
5
false
C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\170F9197-F193-4F05-B2F8-6C4BDA897C38
false
E7668D83CE7B848585926FD90522402D
95822A0A9324DD689274397DCF0C82A4F34A5F60
9A8EA9EC455DB5BD73F33DB0E0FE8F7C43310D5ACDE7076896A994A3ED38B51B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\457FCD63.gif
false
CB67CED3017DF7803FBA5D86FCEB4276
C7B8B4A44BDF7F7775F61FCF236A0834CB321733
C31F711B323EA0B1D04C7A72ECAC0BBBF4DC4ECC56F837FEFE754F53385D07B1
C:\Users\user\AppData\Local\Temp\C1C10000
false
71613F2A51D4D53FBAB7AD463F440173
E6D94EABFF1D79A893B4B33D4AA2D5F502ECE04A
359F61334F8164FAB790344EBC5A26DF40198A9B744B03CC774E6AD4BEF594EE
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\91476525608-04012021.LNK
false
F9032E54DEB47211B0919CD5BA35DE4E
935F026CB1A307C4E3AB674350EE9E902303BED4
5258DEC295C5A54436AE8633C10CF70297250C2B17328C4954AC28B7CE0FB798
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Desktop.LNK
false
EEA1A453700B7BCC61FDB3CF41ED8DD8
06090C59BA0B4E16B71E30D16F71012B4FBA64B4
A496A32E7CA6748300738622C9E34C3A78CB594B041E57878C54A709CBC198A9
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat
false
9A8B152F14E864A0442647375EAEF800
F75AE3EA100D77463B10071D490354CE3FAFF74F
73CA17369F3CDE5E4DA9BACAF17ABF3264FB8EF524E83EE66E236640EF078B72
C:\Users\user\AppData\Roaming\Microsoft\UProof\CUSTOM.DIC
false
7962B839183642D3CDC2F9CEBDBF85CE
2BE8F6F309962ED367866F6E70668508BC814C2D
5EB8655BA3D3E7252CA81C2B9076A791CD912872D9F0447F23F4C4AC4A6514F6
C:\Users\user\Desktop\72C10000
false
51478521A3FBA30FA92081A1E6351BEB
DB6F54CA94F9C227D1CA2EB93A8946F2A6FA1187
1EA11614C9E4E8BF02A641EA3FEF8F372B24CC9904BAF5EF6517A80C7FC23454
C:\Users\user\Desktop\~$91476525608-04012021.xlsm
true
836727206447D2C6B98C973E058460C9
D83351CF6DE78FEDE0142DE5434F9217C4F285D2
D9BECB14EECC877F0FA39B6B6F856365CADF730B64E7FA2163965D181CC5EB41
195.123.210.186
45.150.67.243
91.211.89.28
Document contains an embedded VBA macro which may execute processes
Document exploit detected (UrlDownloadToFile)
Document exploit detected (process start blacklist hit)
Found Excel 4.0 Macro with suspicious formulas
Sigma detected: Microsoft Office Product Spawning Windows Shell
Antivirus detection for URL or domain
Found malicious Excel 4.0 Macro
Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros)