32.0.0 Black Diamond
IR
403443
CloudBasic
06:07:09
04/05/2021
9177284661-04302021.xlsm
defaultwindowsofficecookbook.jbs
Windows 7 x64 SP1 with Office 2010 SP2 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
WINDOWS
a8b4e37766d35b543884d8882147eaa2
4356c14118ea9098dabb6d9af620003b7929058a
533c8713c4e10c223a9f8139f9d408ca326aee14a1d88382c91f2ff18cf0f93c
Excel Microsoft Office Open XML Format document with Macro (57504/1) 54.50%
true
false
false
false
84
0
100
5
0
5
false
82.118.21.70
45.144.31.232
185.45.193.80
Document exploit detected (UrlDownloadToFile)
Found Excel 4.0 Macro with suspicious formulas
Yara detected MalDoc1
Found malicious Excel 4.0 Macro
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for submitted file
Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros)