Edit tour
Windows
Analysis Report
20220714 DWG.doc
Overview
General Information
Detection
Score: | 48 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros)
Potential document exploit detected (unknown TCP traffic)
Uses a known web browser user agent for HTTP communication
Potential document exploit detected (performs HTTP gets)
Document misses a certain OLE stream usually present in this Microsoft Office document type
Classification
- System is w7x64
- WINWORD.EXE (PID: 2192 cmdline:
"C:\Progra m Files\Mi crosoft Of fice\Offic e14\WINWOR D.EXE" /Au tomation - Embedding MD5: 9EE74859D22DAE61F1750B3A1BACB6F5)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Snort rule has matched
Click to jump to signature section
Show All Signature Results
Source: | File opened: |
Source: | TCP traffic: |
Source: | TCP traffic: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | HTTP traffic detected: |