32.0.0 Black Diamond
IR
403868
CloudBasic
13:26:22
04/05/2021
statistic-2072807337.xlsm
defaultwindowsofficecookbook.jbs
Windows 7 x64 SP1 with Office 2010 SP2 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
WINDOWS
2a3d96f5457e24e8b8ade652e615bfb4
caa93a1b75bcbfff2ce4036a775f4d138ad927a3
a9763b59e46f04675d60453c99910ce4dd7e72c9302964256612d2a18be7a5c9
Excel Microsoft Office Open XML Format document (40004/1) 83.33%
Document exploit detected (UrlDownloadToFile)
Document exploit detected (process start blacklist hit)
Found Excel 4.0 Macro with suspicious formulas
Found abnormal large hidden Excel 4.0 Macro sheet
Sigma detected: Microsoft Office Product Spawning Windows Shell
Sigma detected: System File Execution Location Anomaly
Yara detected MalDoc1
Multi AV Scanner detection for submitted file
Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros)