a7d5e07a...fa3f | Files
VTI SCORE: 94/100
Dynamic Analysis Report
Classification: -

Remarks (1/1)

(0x200002e). Some of the analysis artifacts were not scanned by local AV due to an error. Check logs or contact support for further info.

Filename Category Type Severity Actions
f2db835de6dd98cd3f8e9dffe664f3d879c3587737ba7196f76b3a00786f009a Embedded File Text Malicious
Parent File C:\Users\aETAdzjz\Desktop\Edwin Dewitt - CV.doc
Mime Type text/javascript
File Size 19.03 KB
MD5 f0d3dbe1152ad89cee2ea8b93d0c0c1d
SHA1 5efc1bd1a04a6c13d1da5f0234b2d7a24cb19c8f
SHA256 f2db835de6dd98cd3f8e9dffe664f3d879c3587737ba7196f76b3a00786f009a
SSDeep 384:2M/H86U/C0QuAlZZieujOddxMwkc9eJrpjsHFyP:v5oiuA1rnPxM9cMcFyP
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
JS_Eval JavaScript calls eval function; possible obfuscation - Malicious
C:\Users\aETAdzjz\Desktop\Edwin Dewitt - CV.doc Sample File Word Document Unknown
Mime Type application/msword
File Size 78.00 KB
MD5 9101eab7cffc2c51521e487931351a27
SHA1 b84fb3dcd385ca64ca048d0f9eebb258931bd0bc
SHA256 a7d5e07a01541e7f37a9843996b35e821cd5301749ad7ada36e32a9d4c84fa3f
SSDeep 1536:NfOAUqlwiUsAxEt5sYSDRl31iaM6sY3DQ3yIu:NfOqzjtKYSleNYv1
Local AV Information
Errors Connecting to the AV engine failed
Failed AV scans -
Office Information
Creator PC
Last Modified By Пользователь Windows
Revision 3
Create Time 2019-07-23 20:04:00+00:00
Modify Time 2019-07-24 10:50:00+00:00
Document Information
Application Microsoft Office Word
App Version 12.0
Template Normal
Document Security SecurityFlag.NONE
Editing Time 840.0
Page Count 1
Line Count 1
Paragraph Count 1
Word Count 24
Character Count 138
Chars With Spaces 161
Heading Pairs Название
scale_crop False
shared_doc False
Controls (2)
CLSID Control Name Associated Vulnerability
{00020906-0000-0000-C000-000000000046} Word97 -
{F20DA720-C02F-11CE-927B-0800095AE340} Packager6 EmbeddedFile
c:\users\aetadzjz\appdata\roaming\microsoft\windows\recent\customdestinations\0ulni9hnju5klneyfyon.temp Dropped File Stream Unknown
Also Known As c:\users\aetadzjz\appdata\roaming\microsoft\windows\recent\customdestinations\590aee7bdd69b59b.customdestinations-ms (Dropped File)
Mime Type application/octet-stream
File Size 7.85 KB
MD5 8e98b6fe6ff745120849ecbd93d92ca0
SHA1 7e5f6163318c2a6f9149c5f334675105871e0e07
SHA256 0a5a2e32a0afb3bf761c84c0c68eb21a2148fc651a8170ba83f61b146009a77e
SSDeep 96:WluC6MqYqvsqvJCwom0S0iluC6MqYqvsEHyqvJCworc0S0FnJ0H30F0nYQlUVQ09:0sBom0S0gsZHnorc0S0F40F0nYk0M0D