Blind DOCtorAnalysis results
| Feature | Result |
|---|---|
| Verdict | Malicious |
| SHA-256 | 36690bf953192eb205f486a364f788fd75aafa0e119bacb039f2503d4e81d0fa |
| MD5 | 9bcd01e5e8544e3bd39c0594f5407136 |
| File size | 392192 bytes |
| MIME | application/msword |
| File info | Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1252, Author: BigAdministrator, Template: Normal.dotm, Last Saved By: win7home, Revision Number: 2, Name of Creating Application: Microsoft Office Word, Create Time/Date: Thu Dec 10 10:21:00 2020, Last Saved Time/Date: Thu Dec 10 10:21:00 2020, Number of Pages: 1, Number of Words: 3, Number of Characters: 19, Security: 0 |
| Matching maldoc templates | Hancitor |
| Suspicious findings in the VBA | Shell Base64 Strings ShellExecute CreateObject Shell32 Hex Strings Call AutoExec |
| Malicious methods | Embedded EXE LOLBAS |
| URLs | |
| First reported | 18/04/2021 10:55:38 |
| Scanning time | 4.54 sec |
| Consult others | Triage VirusTotal Hybrid Analysis |