35.0.0 Citrine
IR
696518
CloudBasic
13:23:11
02/09/2022
nnxPt0Yydv.doc
defaultwindowsofficecookbook.jbs
Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
WINDOWS
15b691f0c5d627e71fed8a5d34fb0328
1c7cb38d8fc2f01a6331ade0fdf4cb9779a5ae74
3833142e8b5a9174615c83c1165fa67bd9f46a230058adf8fc9cbb081bb92d30
Word Microsoft Office Open XML Format document (49504/1) 49.01%
true
false
false
false
68
0
100
5
0
5
false
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\FSD-CNRY.FSD
false
30075DA75A69E03B91CDC295A738FE71
5C8EB1D3F7DC5B502212314F6405B25C9766603C
29A90C402102B1E2616519F5DE7AA09426AAAB3559494E5EBFDA3DA1DC16A660
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\FSD-{0CEDFB9A-672A-495E-A8C3-4E2E5CC4FEA5}.FSD
false
848796E37A8642B8F3B45C6176D8E814
2D1D922A49C8B09E7B9FB8E0FDFE9A642E65B624
92BB7EFDF1993B4DD43843D0595C911F5AE646CEC4047CEEC557E6B6E9C641DC
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\FSF-CTBL.FSF
false
99A54F4CFBDA747E27CF539D4A1807FF
5EFB6E4012D07C7820C1022141A6B658AEC2CDB1
98FB7578F8FE1FAFDBE7B2AFD3B37E39161F2C3622433387CCF7AE6E178CC83E
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\LocalCacheFileEditManager\FSD-CNRY.FSD
false
E5AF351D93FC6BA388AB48ABD23907E0
5D4145B35593C774D5F88A1997109E79496E3821
D42FB125C2C4BAE8CE74C54BD189F356B596582D3EA1CB96AB1532A586FAAA9B
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\LocalCacheFileEditManager\FSD-{5B8C97A2-8D5D-4690-A237-D6E0C46FC601}.FSD
false
70560F4917331B2A17868068A1E9517E
359ADBCC510241A6528A866A1EA3B361D6EF93AF
475591FE9EC37DCD8BDBDE7E426317FD418DFEABEE6CD0DD0477A2D01834D97E
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\LocalCacheFileEditManager\FSF-{0E1EEE64-E8C6-4E2A-9759-63CF07FD8988}.FSF
false
46245F9209D2C7C555186D14DDE809A1
295F3AA146AF9E9C14506927280087F0919DD24E
21E9FB94661FAD6FB122E822A41EB27A2FDC31C0A526085D1A0BE3F732630FB9
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\1024203777.test[1].html
false
C389F7EE1D9E6376B7D96E80D7A1FFE1
2D0B931CF7CECDDDDB35457A5719353840F8CA66
8A01945C5951B6685768C155D938E7805B097477FCBB7E815FCB1CC26F1170DA
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\1024203777.test[1].html
false
C389F7EE1D9E6376B7D96E80D7A1FFE1
2D0B931CF7CECDDDDB35457A5719353840F8CA66
8A01945C5951B6685768C155D938E7805B097477FCBB7E815FCB1CC26F1170DA
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\2EF4F663.html
false
C389F7EE1D9E6376B7D96E80D7A1FFE1
2D0B931CF7CECDDDDB35457A5719353840F8CA66
8A01945C5951B6685768C155D938E7805B097477FCBB7E815FCB1CC26F1170DA
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\8E5395CD.jpg
false
66EBF5C50A28236AD77C5A306A4543E1
F6EAA2DF964C95A2EB044AA94F5A691C1752E4B8
E80BFCC0066D4DFCE09EE172F5082C14D8EED957E8BF14B60FFC57C2F0BB1BDB
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\BC5065FC.html
false
C389F7EE1D9E6376B7D96E80D7A1FFE1
2D0B931CF7CECDDDDB35457A5719353840F8CA66
8A01945C5951B6685768C155D938E7805B097477FCBB7E815FCB1CC26F1170DA
C:\Users\user\AppData\Local\Temp\{532AFB91-0C3D-4187-B83C-71D1E2833CCF}
false
DAA1E7900566342CE799FAC7815E1AFA
27E2175C96A6DA395860F5B87CCA811689FA8DDC
986189E409F4D446FDBC10306068115FB41CC06EFF771F10277DFAA969AEE504
C:\Users\user\AppData\Local\Temp\{F2BDA7F7-D38F-4DB4-86AB-78594ACAB021}
false
7B2A21167EF7DE65851D941C40B49C48
3E31789057B2852AD41409CF2D5616E30A6A842B
414B8D143DD15A3996171CB9AB5BD4EFC45F7915F7A65AF25441FBCE891B7CE2
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat
false
82ED92CE73F3F2C3BF91D4C76D3A4760
CEFFA2857F6D2C211B5C08CEC9957C3EAF09289A
83E793DEA3EBA35BCC76F8F6511BA90804AC6C71EA4B6A13AA5EA52C94C800FD
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\nnxPt0Yydv.LNK
false
B33A705BC9650B7E27987D428B6A003A
E56964067C53E7D6D18A4378B44EB33409244099
F655020F81323BF78D21B11053DFD2C4B4F8C3673710F1854603736BDFC5ED7C
C:\Users\user\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
false
D9C8F93ADB8834E5883B5A8AAAC0D8D9
23684CCAA587C442181A92E722E15A685B2407B1
116394FEAB201D23FD7A4D7F6B10669A4CBCE69AF3575D9C1E13E735D512FA11
C:\Users\user\Desktop\~$xPt0Yydv.doc
false
D9C8F93ADB8834E5883B5A8AAAC0D8D9
23684CCAA587C442181A92E722E15A685B2407B1
116394FEAB201D23FD7A4D7F6B10669A4CBCE69AF3575D9C1E13E735D512FA11
82.202.173.45
qaz.im
true
82.202.173.45
https://qaz.im/load/diy5AH/b6d42680-56fd-4f98-ae0e-ff81e3799df6
false
82.202.173.45
Antivirus / Scanner detection for submitted sample
Contains an external reference to another file
Multi AV Scanner detection for submitted file
Detected CVE-2021-40444 exploit