e824650b...1486 | Yara
Logo
Try VMRay Analyzer
VTI SCORE: 100/100
Dynamic Analysis Report
Classification: Downloader

Info_Project_BSV_2019.docm

Word Document

Created at 2019-06-18T08:41:00

...

Detection Information

Local AV Applied On Sample Files, PCAP File, Downloaded Files, Dropped Files, Modified Files, Memory Dumps, Embedded Files
YARA Applied On Sample Files, PCAP File, Downloaded Files, Dropped Files, Modified Files, Memory Dumps, Embedded Files
Local AV Matches (4)
»
File Type Threat Name Filename Severity Actions
Sample File VB:Trojan.Emeka.556 C:\Users\aETAdzjz\Desktop\Info_Project_BSV_2019.docm
Malicious
...
Embedded File VB:Trojan.Emeka.556 9e85d5b14d6d482eaa03c358dd0a88cf1fb215f26a872ad11623e7e56042486d
Malicious
...
Downloaded File Gen:Heur.Ransom.Imps.3 43cfb0a439705ab2bd7c46b39a7265ff0a14f7bd710b3e1432a9bdc4c1736c49
Malicious
...
PCAP File Gen:Heur.Ransom.Imps.3 analysis.pcap
Malicious
...
  • Local AV Actions
YARA Matches (2)
»
Ruleset Name Rule Name Rule Description File Type Filename Classification Severity Actions
Generic VBA_Download_Commands VBA macro may attempt to download external content; possible dropper Sample File C:\Users\aETAdzjz\Desktop\Info_Project_BSV_2019.docm -
Suspicious
...
Generic VBA_Execution_Commands VBA macro may execute files or system commands Sample File C:\Users\aETAdzjz\Desktop\Info_Project_BSV_2019.docm -
Suspicious
...
Function Logfile
Download-Icon
Exit-Icon

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy". 


    

   

   

    Before
   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".
     

     

    

   

   

    After
   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".
     

     

    

   

   

    

     
      

       
       
       
       
      

     
     
     
    

   

  

  

   

    
    

     Screenshot
    

    

     Expand-Icon
    

    

     Exit-Icon
    

   

   

    

     icon_left
    

    

     icon_left
    

   

   

   

   

    image