32.0.0 Black Diamond
IR
404134
CloudBasic
18:49:26
04/05/2021
Outstanding-Debt-996801315-05042021.xlsm
defaultwindowsofficecookbook.jbs
Windows 7 x64 SP1 with Office 2010 SP2 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
WINDOWS
a10947afc655468b830fc095aa2778f4
21ede0701106edc700120e79289c3eec73399266
d47c6c23f98e3eb6b9c8516c04957bd964e18970df8a3ae4978aa1b4eae68f6f
Excel Microsoft Office Open XML Format document with Macro (57504/1) 54.50%
true
false
false
false
64
0
100
5
0
5
false
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\D4F8E519.jpg
false
4A425E6A5A885C0D0E2589506FD2244B
E23482422480A4720E22F311B42BD65E2F3556F8
76E685FC2035D8CF19945C6686D82054B64D0A9612853D8F428C4B4FE351C160
C:\Users\user\AppData\Local\Temp\8FDE0000
false
06BC5943A130C30583D689C78F6A0D37
245003C3A4DA224AB50074D4ED073F5EE5CA5779
E8DBE433B37FF046751E5D777FD359A42AC3DFDC0788D9A3CA79807B8CD346AD
C:\Users\user\AppData\Local\Temp\VBE\MSForms.exd
false
8D99B7E8455F588300FB99C98EF57198
6FF9D88ACF2D6374FA10D8BC018A565A8D620528
095809A1A28A18136A757FC7C54C4381735F9A1D8E03FB985C8C167AAA0346A6
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Desktop.LNK
false
E4BC5AE2326049EC3DE3B567FFC9ECF8
2BBDA41806F35F51AADBCA8E7D14B7A8D09B06CC
58B526B6D03DF08DAEA0C0381FCFE30793C947647A838F21B42F215892947535
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Outstanding-Debt-996801315-05042021.LNK
false
69FBE00CDF477988C86C3D84BAA1DDF1
49E69BF793C508FF5710D7DD403B2879F731A436
1D87FCB2DAD1B02F22B76F90BEA42ABF09D8B7E5DA59B453FD09E46A812AC700
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat
false
DC2DD3F12B8F6EDD652DCB722D06BCA1
9C55ECCE1EEE194118F7EAC548546BC5BB9BECAA
456D1B7D481DC9BA52C974845C486FAEA1D34DB6FF65A64716FEB41A5CDB5614
C:\Users\user\Desktop\50EE0000
false
5D60483F6475EAD4A88B15B413D58273
169E91E5B6C85931E6E086B6F941952B85789E29
3B8F649A0ED912D54B8A600DEA8D655EBAB0B0333F43FD3C42B311B5779BE6BD
C:\Users\user\Desktop\~$Outstanding-Debt-996801315-05042021.xlsm
true
96114D75E30EBD26B572C1FC83D1D02E
A44EEBDA5EB09862AC46346227F06F8CFAF19407
0C6F8CF0E504C17073E4C614C8A7063F194E335D840611EEFA9E29C7CED1A523
91.211.91.81
5.34.179.36
45.153.229.23
Document exploit detected (UrlDownloadToFile)
Found Excel 4.0 Macro with suspicious formulas
Found malicious Excel 4.0 Macro
Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros)