83b0d7926fb2c5bc0708d9201043107e8709d77f2cd2fb5cb7693b2d930378d2 (SHA256)
Invitation CBS 2018 .doc.rtf
Created at 2018-08-05 19:04:00
YARA Information
Applied On | Sample Files, PCAP File, Created Files, Modified Files, Process Dumps |
Number of YARA matches | 5 |
Ruleset Name | Rule Name | Rule Description | File Type | Filename | Classification | Severity | Actions |
---|---|---|---|---|---|---|---|
Malware | Retefe | Retefe banking trojan | Sample File | C:\Users\Nd9E1FYi\Desktop\Invitation CBS 2018 .doc.rtf | Spyware |
5/5
|
|
Generic | VBA_Create_File | VBA macro contains file creation commands; possible dropper | Created File | C:\Users\Nd9E1FYi\AppData\Roaming\Microsoft\Excel\XLSTART\AddIn.XLAM | - |
3/5
|
|
Generic | VBA_Execution_Commands | VBA macro may execute files or system commands | Created File | C:\Users\Nd9E1FYi\AppData\Roaming\Microsoft\Excel\XLSTART\AddIn.XLAM | - |
3/5
|
|
Generic | VBA_Create_File | VBA macro contains file creation commands; possible dropper | Created File | C:\Users\Nd9E1FYi\AppData\Roaming\Microsoft\Excel\XLSTART\AddIn.XLAM | - |
3/5
|
|
Generic | VBA_Execution_Commands | VBA macro may execute files or system commands | Created File | C:\Users\Nd9E1FYi\AppData\Roaming\Microsoft\Excel\XLSTART\AddIn.XLAM | - |
3/5
|
|