32.0.0 Black Diamond
IR
441336
CloudBasic
17:50:49
28/06/2021
DEBT_2026004977_03182021.xlsm
defaultwindowsofficecookbook.jbs
Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
WINDOWS
042b349265bbac709ff2cbddb725033b
41b74d0c3b18fdcd17a8ca7ebfd883421f39c993
ba1912b685d37e4db3b8a622fa966a5e2c2f38c56037bfcc2a9f0a6f39872429
Excel Microsoft Office Open XML Format document (40004/1) 83.33%
true
false
false
false
96
0
100
5
0
5
false
C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\73D3952B-3B15-4407-BAAE-6A7E44917CA3
false
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\92F501C0.jpeg
false
C:\Users\user\AppData\Local\Temp\47A40000
false
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\DEBT_2026004977_03182021.LNK
false
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Desktop.LNK
false
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat
false
C:\Users\user\AppData\Roaming\Microsoft\UProof\CUSTOM.DIC
false
C:\Users\user\Desktop\D7A40000
false
C:\Users\user\Desktop\~$DEBT_2026004977_03182021.xlsm
true
Document exploit detected (UrlDownloadToFile)
Document exploit detected (process start blacklist hit)
Found Excel 4.0 Macro with suspicious formulas
Found abnormal large hidden Excel 4.0 Macro sheet
Sigma detected: Microsoft Office Product Spawning Windows Shell
Yara detected MalDoc1
Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Multi AV Scanner detection for submitted file
Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros)