32.0.0 Black Diamond
IR
403883
CloudBasic
13:43:27
04/05/2021
statistic-2069354685.xlsm
defaultwindowsofficecookbook.jbs
Windows 7 x64 SP1 with Office 2010 SP2 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
WINDOWS
e594ea809c24d81cacae25761ae68a4d
c402e78a57d801ee6220aa1e8532e444db22f911
d328633005bb0fd39826107193a26f4d6d933fb4f2dfb6f8e4eb48c6eab81df3
Excel Microsoft Office Open XML Format document (40004/1) 83.33%
true
false
false
false
84
0
100
5
0
5
false
Document exploit detected (UrlDownloadToFile)
Document exploit detected (process start blacklist hit)
Found Excel 4.0 Macro with suspicious formulas
Found abnormal large hidden Excel 4.0 Macro sheet
Sigma detected: Microsoft Office Product Spawning Windows Shell
Sigma detected: System File Execution Location Anomaly
Yara detected MalDoc1
Multi AV Scanner detection for submitted file
Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros)