32.0.0 Black Diamond
IR
441923
CloudBasic
17:46:18
29/06/2021
statistic-1496367785.xls
defaultwindowsofficecookbook.jbs
Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
WINDOWS
7fb48e03b899f792be6c3118a46c5c8f
55445d13cd433121c6c2bfb31414b08e31e28a65
1c818433e1ca49729f987b3f060b2133c8375f8164181c4684600a278ee6033f
Microsoft Excel sheet (30009/1) 78.94%
true
false
false
false
80
0
100
5
0
5
false
C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\0A8CE175-D39D-43AE-8F1B-CA84388C02A0
false
F36D695FFC65C02CF6642D107DE3436E
A6E39AE62834265B4937B554FF799614E6CBD2BC
0A1F0B3E72F02FBF65827B4356D516DA6D321ACB4EB356F16657728C82584E94
C:\Users\user\AppData\Local\Temp\BDB40000
false
30C64BA689D114C1B1F07726F4B0F643
6E453A1835195371901BDEC66BDDE4EAAC7B0DD2
E9806EDFE4032C38F466EC4CB002167D14B5076F4197EBE861053E1A3BE5ECC9
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Desktop.LNK
false
C28D5CC4959D0E1E0857E734A7985781
02DD24C036CD987F04E14B31EF9ECDEDF4B75E50
E1050433736C4F3D25755ECD8A6E34798FA29A618D0A58BC759B4D208756C19A
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat
false
827572951026F0F9437E31D866B8FF08
0B6A363D618B5E1D031EE6E5DCE5C18A9B13BBE6
493A258224290D5C5BB92DC4C57E3B8E36D4BE213CC9F3744D69D345F03B843B
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\statistic-1496367785.LNK
false
1DBF118D07425F742972F80B6F479464
348393828935581579897E182E3872D7033C7054
8996BA14F72BBE59CC466D0F4AB1911D640C453A9EC210C47DD791D3301037AB
C:\Users\user\AppData\Roaming\Microsoft\UProof\CUSTOM.DIC
false
7962B839183642D3CDC2F9CEBDBF85CE
2BE8F6F309962ED367866F6E70668508BC814C2D
5EB8655BA3D3E7252CA81C2B9076A791CD912872D9F0447F23F4C4AC4A6514F6
C:\Users\user\Desktop\7EB40000
false
6F378E0FCB99595324566C5A91985656
9059F775A49511C7A614F831EC90841008171C0D
3026EAEDD6AFA59DF4C54D4CF1E1EE6A4891F32CC83B2B1AA95426B0F6458763
108.179.232.80
162.241.2.112
academy.haleemcampus.com
false
108.179.232.80
psq.com.mx
false
162.241.2.112
Document exploit detected (UrlDownloadToFile)
Document exploit detected (process start blacklist hit)
Found Excel 4.0 Macro with suspicious formulas
Found abnormal large hidden Excel 4.0 Macro sheet
Sigma detected: Microsoft Office Product Spawning Windows Shell
Yara detected hidden Macro 4.0 in Excel
Multi AV Scanner detection for submitted file
Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros)