bded6d7d...74b7

VTI SCORE: 100/100

Dynamic Analysis Report

Classification: Backdoor, Trojan, Dropper, Downloader

bded6d7de58298b9f1b3a5b0a502bd6cd2fb54e29d474c74ec5ff140d9b474b7 (SHA256)

Doc379450.doc

Word Document

Created at 2018-09-07 17:11:00

Notifications (1/1)

The operating system was rebooted during the analysis.

Top Threat Indicators (View all 40 threat indicators)

Category	Operation	Classification
Injection	Writes into the memory of a process running from a created or modified executable	-
Injection	Modifies control flow of a process running from a created or modified executable	-
Network	Sets up server that accepts incoming connections	Backdoor

Screenshots

Monitored Processes

Analysis Information

Creation Time	2018-09-07 19:11 (UTC+2)
Analysis Duration	00:05:10
Number of Monitored Processes	10
Execution Successful
Reputation Enabled
WHOIS Enabled
YARA Enabled
Termination Reason	Timeout
Tags

Sample Information

ID	#211130
MD5	65baea6359cc6ef20f2c619fac3c9f84
SHA1	bb42e9ddec4146517f03d790e73b995565d573be
SHA256	bded6d7de58298b9f1b3a5b0a502bd6cd2fb54e29d474c74ec5ff140d9b474b7
SSDeep	768:kpJcaUitGAlmrJpmxlzC+w99NBB+1ohVBSrNrmeBdtIMlq8fip:kptJlmrJpmxlRw99NBB+ahDIrm
Filename	Doc379450.doc
File Size	78.25 KB
File Type	Word Document
Has VBA Macros

Analyzer Information

Dynamic Analyzer Build Date	2018-07-24 20:08 (UTC+2)
Dynamic Analyzer Version	2.4.0
Static Analyzer Version	1.0.0
VTI Ruleset Version	3.0
YARA Built-in Ruleset Version	1.0
Analysis Report Layout Version	3

Function Logfile

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".