Analysis results
Feature | Result |
---|---|
Verdict | Malicious |
SHA-256 | 48c405df809a308629766560214fe2137c1e77c28213745b9b7d22d555a3db64 |
MD5 | abd3ad927f287ecffa67285f5e167015 |
File size | 826880 bytes |
MIME | application/msword |
File info | Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, Code page: -535, Title: NAME_LASTNAME NAME_FIRSTNAME, Author: PC Priv Project, Template: Test.dot, Last Saved By: 1, Revision Number: 54, Name of Creating Application: Microsoft Office Word, Total Editing Time: 47:00, Create Time/Date: Sat Jan 29 09:00:00 2000, Last Saved Time/Date: Fri Oct 23 14:06:00 2020, Number of Pages: 1, Number of Words: 24, Number of Characters: 138, Security: 0 |
Matching maldoc templates | TrickBot |
Suspicious findings in the VBA | Create Write Exec Base64 Strings SaveToFile CreateObject binary wscript.shell windows chr Open Hex Strings shell CreateTextFile AutoExec ADODB.Stream |
Malicious methods | LOLBAS |
URLs | |
First reported | 16/04/2021 13:19:39 |
Scanning time | 10.3 sec |
Consult others | Triage VirusTotal Hybrid Analysis |