32.0.0 Black Diamond
IR
403883
CloudBasic
13:50:44
04/05/2021
statistic-2069354685.xlsm
defaultwindowsofficecookbook.jbs
Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
WINDOWS
e594ea809c24d81cacae25761ae68a4d
c402e78a57d801ee6220aa1e8532e444db22f911
d328633005bb0fd39826107193a26f4d6d933fb4f2dfb6f8e4eb48c6eab81df3
Excel Microsoft Office Open XML Format document (40004/1) 83.33%
true
false
false
false
84
0
100
5
0
5
false
Document exploit detected (UrlDownloadToFile)
Document exploit detected (process start blacklist hit)
Found Excel 4.0 Macro with suspicious formulas
Found abnormal large hidden Excel 4.0 Macro sheet
Sigma detected: Microsoft Office Product Spawning Windows Shell
Sigma detected: System File Execution Location Anomaly
Yara detected MalDoc1
Multi AV Scanner detection for submitted file
Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros)