flash

00620 - 2011 Dept Expense Detail.xls

Status: finished
Submission Time: 18.08.2021 00:38:59
Suspicious
Exploiter
Hidden Macro 4.0

Comments

Tags

Details

  • Analysis ID:
    467210
  • API (Web) ID:
    834779
  • Analysis Started:
    18.08.2021 00:39:02
  • Analysis Finished:
    18.08.2021 00:52:22
  • MD5:
    57bcdf4ddd4c73eb7b1579edf9e10d62
  • SHA1:
    fb7ee5e7a2ef599bcbf982ff6823387792a90335
  • SHA256:
    5c0e2dc5c3e763417c7fb8f02f8d12a64e9aad4f7fa4cf0e7a09e31bfe20e4fd
  • Technologies:
Full Report Management Report IOC Report Engine Info Verdict Score Reports

System: Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)

suspicious
20/100

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Run Condition: Potential for more IOCs and behavior

suspicious
20/100

System: Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
Run Condition: Without Instrumentation

suspicious
20/100

URLs

Name Detection
https://peoplesoft.dealercentral.net/psp/SCMPRD_newwin/EMPLOYEE/ERP/c/REPORT_BOOKS.IC_RUN_DRILLDOWN.

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Temp\VBE\MSForms.exd
data
#