32.0.0 Black Diamond
IR
404114
CloudBasic
18:10:11
04/05/2021
Outstanding-Debt-1754918061-05042021.xlsm
defaultwindowsofficecookbook.jbs
Windows 7 x64 SP1 with Office 2010 SP2 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
WINDOWS
5ac72cad6c794e97474276ba534aa095
5236650b529792d7aa754c62e1db170a62ecc13d
06b4a994cc6b9629775ebfcf818cd44267af85d7515980d4edc3c174ac47b6da
Excel Microsoft Office Open XML Format document with Macro (57504/1) 54.50%
true
false
false
false
68
0
100
5
0
5
false
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\B6665D5A.jpg
false
4A425E6A5A885C0D0E2589506FD2244B
E23482422480A4720E22F311B42BD65E2F3556F8
76E685FC2035D8CF19945C6686D82054B64D0A9612853D8F428C4B4FE351C160
C:\Users\user\AppData\Local\Temp\90EE0000
false
7C218FCFD105F7FECAC0EA7F7CD1EEA7
9313DE2EF911DADC2DA6C8DBA4A571F44317AE37
7A0A0CC2CA29CF55F937284F073F94FCC8DE2B7058F78B454159535F810EB430
C:\Users\user\AppData\Local\Temp\VBE\MSForms.exd
false
1035957E19C310A8633EE6F33ACBFBE9
6A15DF2CA9B6F8E5A8280BAE72DE7C1FB56504D0
51E7BD7FF985F8377C9608B9ECCA94184DAC3882527C8A92870C05CB6D3E4065
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Desktop.LNK
false
6550D7CFFAC448ACB4D0C64FD8EB33B1
FB8804190AE528CD51DA3C99DF7910D7FB35DC26
18626B1FF636BC981A48B37E9BB75AA645FD9827C22F89B917C8FA818B70561E
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Outstanding-Debt-1754918061-05042021.LNK
false
41CB8895FD3114D1772F470AB356A14E
9E9D2E56950A121EE59EF846BBADB972E965D990
478D8231BD1374950CB00BA7C5D3645A89F7B2073EE5FE8C8B5BCDD544F3B238
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat
false
DB18784CD80F10B1778579AD9358AA08
A0477CFB7A64AC166B8402F78327CC4982A5B3BB
A567BE3CF59A8EAB1E425508C0ECD6F4CAF8A256753A689E629E3761EAC3532A
C:\Users\user\Desktop\31EE0000
false
9C0D20200AA10BB688213ED3FF0A9114
38CD39BB58A34068147DE255F4C9216C399CDF3E
F2A3CDFEC4B466ADB31289AC9E10483B423A9EDA33B766950EF399F533A6932E
C:\Users\user\Desktop\~$Outstanding-Debt-1754918061-05042021.xlsm
true
96114D75E30EBD26B572C1FC83D1D02E
A44EEBDA5EB09862AC46346227F06F8CFAF19407
0C6F8CF0E504C17073E4C614C8A7063F194E335D840611EEFA9E29C7CED1A523
91.211.91.81
5.34.179.36
45.153.229.23
Document contains an embedded VBA macro which may execute processes
Document exploit detected (UrlDownloadToFile)
Found Excel 4.0 Macro with suspicious formulas
Found malicious Excel 4.0 Macro
Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros)