Analysis results
Feature | Result |
---|---|
Verdict | Malicious |
SHA-256 | 5e84efe4d51ed6e3de4aca32ec599edaf9fd1a2ff1a45dae5d471a53fd121e3e |
MD5 | c4dc25fdbdc0b722de6cb190e08757ce |
File size | 1121792 bytes |
MIME | application/msword |
File info | Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, Code page: 1251, Author: 1, Template: Normal.dotm, Last Saved By: 1, Revision Number: 13, Name of Creating Application: Microsoft Office Word, Total Editing Time: 21:00, Create Time/Date: Mon Oct 5 16:45:00 2020, Last Saved Time/Date: Tue Oct 6 16:52:00 2020, Number of Pages: 1, Number of Words: 0, Number of Characters: 1, Security: 0 |
Matching maldoc templates | TrickBot ZLoader |
Suspicious findings in the VBA | Write Exec Base64 Strings CreateObject wscript.shell AutoExec run SendKeys Hex Strings shell Call CreateTextFile Chr |
Malicious methods | LOLBAS |
URLs | |
First reported | 16/04/2021 13:20:19 |
Scanning time | 14.72 sec |
Consult others | Triage VirusTotal Hybrid Analysis |