81f1a5faaa792952e49c477f54c75beec7fd03d3a1c250db2b863ec2b669beee (SHA256)
Dokumente-UOM36417800369487.doc
Created at 2018-08-01 10:16:00
Notifications (1/1)
The maximum number of reputation URL requests (10 per analysis) was exceeded. As a result, the reputation status could not be queried for all contacted URLs. In order to get the reputation status for all contacted URLs, please increase the 'Max URL Requests' setting in the system configurations.
Severity | Category | Operation | Classification
---|---|---|---
5/5 | Injection | Writes into the memory of a process running from a created or modified executable | -
5/5 | Injection | Modifies control flow of a process running from a created or modified executable | -
5/5 | Network | Sets up server that accepts incoming connections | Backdoor
4/5 | Process | Creates process | -
4/5 | Information Stealing | Reads browser data | -
4/5 | Network | Downloads data | Downloader
3/5 | Network | Performs DNS request | -
3/5 | Browser | Reads data related to browsing history | -
3/5 | Browser | Reads data related to saved browser credentials | -
3/5 | PE | Executes dropped PE file | -
2/5 | File System | Known suspicious file | -
2/5 | Network | Connects to HTTP server | -
2/5 | PE | Drops PE file | Dropper
2/5 | VBA Macro | Executes macro on specific worksheet event | -
1/5 | Process | Creates system object | -
1/5 | Static | Unparsable sections in file | -
1/5 | Static | Contains suspicious meta data | -
1/5 | VBA Macro | Contains Office macro | -
1/5 | Network | Associated with known malicious/suspicious URLs | -