31.0.0 Emerald
IR
383366
CloudBasic
17:34:19
07/04/2021
Comission_1980420924_03172021.xlsm
defaultwindowsofficecookbook.jbs
Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
WINDOWS
7c87c28b3c650992cca31f7728aa2cfd
e278ae31532f3f65297d8c97d21080321cd79e9f
c794d4aa56fd9e070e2a7ef2b18c08016da687eddb100350216cada8110074d9
Excel Microsoft Office Open XML Format document (40004/1) 83.33%
true
false
false
false
64
0
100
5
0
5
false
C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\2F831197-0868-4F34-83EA-326F8C2F8063
false
220A5B4689B37ACD926FB9DE32A0CBF9
EBB2C0513F5652B895DFBCB83FEFB234C73C3255
27A1CF077F868DA7406B2A3E83F9BA19BA2270330FE170CE292DA8A44B4A6459
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\4D928BE7.jpeg
false
1BE35F6C74B488050049162605294C82
6788B12BD406903C82C3ED6FD46DD8E833612A74
788C88EB21A724887B5258A8170157BD11FE6A78E0C2C71326E194B6BDF12AC9
C:\Users\user\AppData\Local\Temp\24B10000
false
3CB31AC4D2B6884355F3413CD9706C0C
557394778B0F59644F3AC31CED127E9D084427FD
4F8E46F30FC972D1EFFD66373D67B2198A97F27EA5122FC301A235003B71C93E
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Comission_1980420924_03172021.LNK
false
82A41CF83DD178B8132F71A0858CB7DD
014DE2D51899CED3FF3CA73D641EF5652AF77F55
81347CA0711EF2AE7DF74EED6E2B02588CA2D57014946A9A4BB88E75AF11ACDF
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Desktop.LNK
false
46C630B53384F4A3A12B33D4575768B0
C5D85CA7229F404E938244B5B4D325E24B4CE7EE
7537EC84DBED2677F91AFEB475FAA4B94458926922806B83514D7032D370C6A9
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat
false
5689775EF36F265CCF27A9BAF089052B
81F675CAA034CB470D0815A91D6AD59E25EF83E8
FE8FD49E33FDBC456FA7C1D19603A9652BFF3839E92EB7C096428A87628A1562
C:\Users\user\AppData\Roaming\Microsoft\UProof\CUSTOM.DIC
false
7962B839183642D3CDC2F9CEBDBF85CE
2BE8F6F309962ED367866F6E70668508BC814C2D
5EB8655BA3D3E7252CA81C2B9076A791CD912872D9F0447F23F4C4AC4A6514F6
C:\Users\user\Desktop\E4B10000
false
0594BBF137BDC4A912F57B1F2249C2D1
8B8AD9893175DEE2809145FEFB5D615BAA598EEB
4929A9CF58039F4FFDB8A4BD9EB37286B57BC69419F7CF72A92801DB762574D4
C:\Users\user\Desktop\~$Comission_1980420924_03172021.xlsm
true
836727206447D2C6B98C973E058460C9
D83351CF6DE78FEDE0142DE5434F9217C4F285D2
D9BECB14EECC877F0FA39B6B6F856365CADF730B64E7FA2163965D181CC5EB41
188.119.112.114
188.127.230.104
185.82.219.75
Document exploit detected (UrlDownloadToFile)
Document exploit detected (process start blacklist hit)
Found Excel 4.0 Macro with suspicious formulas
Found abnormal large hidden Excel 4.0 Macro sheet
Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros)