Analysis results
Feature | Result |
---|---|
Verdict | Malicious |
SHA-256 | 2e480d827237d7ae78d5b296e18e6a0cd466c5f3e09abf96f8bb53d927c4bab8 |
MD5 | 9bcd7831593b18eb2fc20abb950776e0 |
File size | 173832 bytes |
MIME | application/msword |
File info | Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, Code page: 1252, Title: Qui., Author: Sacha Renard, Template: Normal.dotm, Revision Number: 1, Name of Creating Application: Microsoft Office Word, Create Time/Date: Thu Aug 6 19:32:00 2020, Last Saved Time/Date: Thu Aug 6 19:32:00 2020, Number of Pages: 1, Number of Words: 4, Number of Characters: 24, Security: 0 |
Matching maldoc templates | Emotet ZLoader |
Suspicious findings in the VBA | Create showwindow Base64 Strings CreateObject Hex Strings Chr AutoExec |
Malicious methods | LOLBAS |
URLs | |
First reported | 16/04/2021 13:18:03 |
Scanning time | 3.3 sec |
Consult others | Triage VirusTotal Hybrid Analysis |