7859fd95c60a | Files

Classifications

-

Threat Names

Mal/Generic-S

Dynamic Analysis Report

Created on 2022-09-12T14:11:34+00:00

7859fd95c60a0d76fa99eb42277501b20f76a377c1395b504acff5dd22533027.doc

Word Document

Filters:

File Name	Category	Type	Verdict	Actions

C:\Users\RDhJ0CNFevzX\Desktop\7859fd95c60a0d76fa99eb42277501b20f76a377c1395b504acff5dd22533027.doc

Sample File

Word Document

»

MIME Type	application/vnd.openxmlformats-officedocument.wordprocessingml.document
File Size	252.54 KB
MD5	7e8133cf5f56adcfafb9bc91390c9fe7
SHA1	2cc6471245901e51565ad69df6b8586629965cf1
SHA256	7859fd95c60a0d76fa99eb42277501b20f76a377c1395b504acff5dd22533027
SSDeep	6144:CsjU1vruW+UztmXtb2wDayQ7B4Y6/EcKbiCW:tjaumMXtb2w+yM4YhVWCW
ImpHash	-

File Reputation Information

»

Verdict	Malicious
Names	Mal/Generic-S

Office Information

»

Creator	MICROSOFT
Last Modified By	MICROSOFT
Revision	1
Create Time	2022-09-11 22:26 (UTC+2)
Modify Time	2022-09-11 22:27 (UTC+2)
Application	Microsoft Office Word
App Version	14.0000
Template	Normal.dotm
Document Security	NONE
Editing Time	1.0
Page Count	1
Line Count	1
Paragraph Count	1
Word Count	3
Character Count	21
Chars With Spaces	23
ScaleCrop	False
SharedDoc	False

Controls (1)

»

CLSID	Control Name	Associated Vulnerability
{F20DA720-C02F-11CE-927B-0800095AE340}	Packager6	EmbeddedFile

Extracted Image Texts (2)

»

Image #1: image1.PNG

»

                     ry (iortaea i Tau ens [ore aa eae enna AM Mane arose near cere UR ag
                    

Image #2: image2.png

»

                     251 DP tm etry
                    

oleObject1.bin

Extracted File

OLE Compound

»

Parent File	C:\Users\RDhJ0CNFevzX\Desktop\7859fd95c60a0d76fa99eb42277501b20f76a377c1395b504acff5dd22533027.doc
MIME Type	application/CDFV2
File Size	165.50 KB
MD5	df2427693f64bab2b72a07f7e104b826
SHA1	a5f51ee5e004712e3a17a2c9226f7a4f4917e77c
SHA256	543eb377d95104a39c65e164349fc94ce5fe2cd515ff1d9a5e2e9ec4e8473348
SSDeep	3072:4HtZMJGepfzX0wzh3ai4MhIcm3o9wpqmkAiye3Y6/tocHRXiIsWckuHvDdbFjW0:4HtmJnbEwVak+5BoY6/KcWbo
ImpHash	-

File Reputation Information

»

Verdict	Malicious
Names	Mal/Generic-S

Office Information

»

Controls (1)

»

CLSID	Control Name	Associated Vulnerability
{F20DA720-C02F-11CE-927B-0800095AE340}	Packager6	EmbeddedFile

CFB Streams (4)

»

Name	ID	Size	Actions
Root\Ole	1	20 Bytes	... Actions Download File
Root\CompObj	2	72 Bytes	... Actions Download File
Root\ObjInfo	3	6 Bytes	... Actions Download File
Root\Ole10Native	4	161.18 KB	... Actions Download File

C:\ProgramData\Oracle\Java\.oracle_jre_usage\17dfc292991c7ca0.timestamp

Dropped File

Text

»

MIME Type	text/plain
File Size	51 Bytes
MD5	b22bf8db37f854b11b3c0778e4de090c
SHA1	acd0274e1bcd4c6b1b03a1d2c552ed67152a3e6b
SHA256	a3ef479dfa0b4bfbe9452abb54d78f793e13e763875a613f4b6feefd30030c4f
SSDeep	3:oFjQvNjoMT4+R2ov:oyjoMT4+R2y
ImpHash	-

C:\ProgramData\Oracle\Java\.oracle_jre_usage\17dfc292991c7ca0.timestamp

Dropped File

Text

»

MIME Type	text/plain
File Size	51 Bytes
MD5	34857938ae5a45fb99f397a1382ec9e3
SHA1	cbdffff827121a5b9b37367cf51a8d535b399991
SHA256	9a3b5534bc25907d62f2c1dda5fccb7d00b99e17e70235ebb295503247aeb064
SSDeep	3:oFjQvNjoMT44yn:oyjoMT41n
ImpHash	-

C:\ProgramData\Oracle\Java\.oracle_jre_usage\17dfc292991c7ca0.timestamp

Dropped File

Text

»

MIME Type	text/plain
File Size	51 Bytes
MD5	4132fd309cf85493fadc5335b06f70b4
SHA1	5aac8eb6cfa0477ffd543d08f9dee3e68c67419a
SHA256	62739458c97ae85da3ab1ebaa2a5a933a023e4db1449721b0ddb5197b8f544d5
SSDeep	3:oFjQvNjoMT4FL:oyjoMT4l
ImpHash	-

C:\ProgramData\Oracle\Java\.oracle_jre_usage\17dfc292991c7ca0.timestamp

Dropped File

Text

»

MIME Type	text/plain
File Size	51 Bytes
MD5	e59fa4eb92eec1b48440ddd423972f61
SHA1	b3c54602b047d749f611f6e84d47280f0dc20def
SHA256	a80a1af1f1cc56a7d465109793c676bc1dac9e4f9e1024cec67b41fbcb1dd691
SSDeep	3:oFjQvNjoMT4ky:oyjoMT4ky
ImpHash	-

C:\ProgramData\Oracle\Java\.oracle_jre_usage\17dfc292991c7ca0.timestamp

Dropped File

Text

»

MIME Type	text/plain
File Size	51 Bytes
MD5	8786f1b5f3f285faa37f138a162f177f
SHA1	2a3d48af4ad245b1ee9eb9ad0f79162636005b57
SHA256	8e692844e4658fb423719372ffc00068c4a93f3419606e1b5b622a741d066df7
SSDeep	3:oFjQvNjoMT4+cIOvn:oyjoMT4+LA
ImpHash	-

C:\ProgramData\Oracle\Java\.oracle_jre_usage\17dfc292991c7ca0.timestamp

Dropped File

Text

»

MIME Type	text/plain
File Size	51 Bytes
MD5	ca71159dbdb262043fa32de82df545ca
SHA1	841dce9c0a369fa13f8b91e15e0d89eb531c115c
SHA256	0b17a708a9568dc454ad105a8d1a165f470215dc50320f66a8e9d0aaa514cca0
SSDeep	3:oFjQvNjoMT4tey:oyjoMT4tf
ImpHash	-

C:\ProgramData\Oracle\Java\.oracle_jre_usage\17dfc292991c7ca0.timestamp

Dropped File

Text

»

MIME Type	text/plain
File Size	51 Bytes
MD5	299ecbfcb825b8d6b48167367173650a
SHA1	8002189780c1ca2527e3bb75541cb50abfa54293
SHA256	96c04e91c9a10f7826312dacac99b06503ddd78a3d5bd3df9b1db2fa31b7efbc
SSDeep	3:oFjQvNjoMT47Wyn:oyjoMT4Ln
ImpHash	-

C:\ProgramData\Oracle\Java\.oracle_jre_usage\17dfc292991c7ca0.timestamp

Dropped File

Text

»

MIME Type	text/plain
File Size	51 Bytes
MD5	4a3d0fd26918c7540ac36d9b9807d953
SHA1	b58558ef468d9540a7032300a60d7b8d8df41b66
SHA256	f37a29162697c3d4550b44ef5f71173b0e450b72e09982f67be01e5eeb036a27
SSDeep	3:oFjQvNjoMT4T:oyjoMT4T
ImpHash	-

a0v2H8.jar

Extracted File

Java Archive

»

Parent File	C:\Users\RDhJ0CNFevzX\Desktop\7859fd95c60a0d76fa99eb42277501b20f76a377c1395b504acff5dd22533027.doc
MIME Type	application/java-archive
File Size	160.62 KB
MD5	5fce04720a34d47ce0d474f4571ae901
SHA1	66f0ff1759880ee5afc62968a4d135743a4b6888
SHA256	8cb74bd01205df1e777cc8c1a343aa65287909cd72aa7b8388f4c32024dce624
SSDeep	3072:nHtZMJGepfzX0wzh3ai4MhIcm3o9wpqmkAiye3Y6/tocHRXiIsWckuHvDdbFjW0V:nHtmJnbEwVak+5BoY6/KcWbog
ImpHash	-

image2.png

Extracted File

Image

»

Parent File	C:\Users\RDhJ0CNFevzX\Desktop\7859fd95c60a0d76fa99eb42277501b20f76a377c1395b504acff5dd22533027.doc
MIME Type	image/png
File Size	67.28 KB
MD5	94c3e4696f04cb7960042417cf39fe07
SHA1	ec45840f87b3ac5812f9ce765cd398aeeb2a659c
SHA256	a1566d12b7bee123511040635ae34d71e23ae1f73706347eb5926a61ab72bdb7
SSDeep	1536:BsvJG1S1KOhGCAZmweGEjZv9mX+DZL8mI2dEN2vT4q+b:OvJM0AZUr1v9BZQOsq+b
ImpHash	-

image1.PNG

Extracted File

Image

»

Parent File	C:\Users\RDhJ0CNFevzX\Desktop\7859fd95c60a0d76fa99eb42277501b20f76a377c1395b504acff5dd22533027.doc
MIME Type	image/png
File Size	8.77 KB
MD5	25902859a8786c02c68f6aa66c151c7c
SHA1	8829ddf4bc5cb5ab8a4c510cad67b27fe3ee2be9
SHA256	67ba24dd3354c3e058b032fbaf799d9f0d11fd35fa9b80a9dedaa3abffe32893
SSDeep	192:r/UrdFouQWn/Mjnh2LqFNB7pf/VVC8dOx9MRMbQMAIimhM6we4RxCofEq:jUrQuQJELc1VI8sx6MbQMAIVGRxdcq
ImpHash	-

Function Logfile

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting \"security.fileuri.strict_origin_policy\".

Before

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting \"security.fileuri.strict_origin_policy\".

After

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting \"security.fileuri.strict_origin_policy\".

WHOIS Domain Information

Screenshot