ID: Sample Name: SSB SBV Daily Report - Logistics Template DEC '17 (8).xlsm Cookbook: defaultwindowsofficecookbook.jbs Time: 06:35:29 Date:
Size: px
Start display at page:

Download "ID: Sample Name: SSB SBV Daily Report - Logistics Template DEC '17 (8).xlsm Cookbook: defaultwindowsofficecookbook.jbs Time: 06:35:29 Date:"

Transcription

1 ID: Sample Name: SSB SBV Daily Report - Logistics Template DEC '17 (8).xlsm Cookbook: defaultwindowsofficecookbook.jbs Time: 06:35:29 Date: 31/12/2017 Version:

2 Table of Contents Analysis Report Overview Information Detection Confidence Classification Analysis Advice Signature Overview Networking: Data Obfuscation: System Summary: Hooking and other Techniques for Hiding and Protection: Simulations Behavior and APIs Antivirus Detection Initial Sample Dropped Files Domains Yara Overview Initial Sample PCAP (Network Traffic) Dropped Files Memory Dumps Unpacked PEs Joe Sandbox View / Context IPs Domains ASN Dropped Files Screenshot Startup Created / dropped Files Contacted Domains/Contacted IPs Contacted Domains Contacted IPs Static File Info File Icon Static OLE Info OLE File "xl/vbaproject.bin" Indicators Streams with VBA VBA File Name: Module1.bas, Stream Size: 1712 VBA Code Keywords VBA Code VBA File Name: Sheet1.cls, Stream Size: 977 VBA Code Keywords VBA Code VBA File Name: Sheet2.cls, Stream Size: 977 VBA Code Keywords VBA Code Table of Contents VBA File Name: Sheet3.cls, Stream Size: Copyright Joe Security LLC 2017 Page 2 of

3 VBA Code Keywords VBA Code VBA File Name: Sheet4.cls, Stream Size: 977 VBA Code Keywords VBA Code VBA File Name: Sheet5.cls, Stream Size: 977 VBA Code Keywords VBA Code VBA File Name: ThisWorkbook.cls, Stream Size: 985 VBA Code Keywords VBA Code VBA File Name: UserForm1.frm, Stream Size: VBA Code Keywords VBA Code Streams PROJECT, ASCII text, with CRLF line terminators, Stream Size: 769 PROJECTwm,, Stream Size: 200 UserForm1/\x1CompObj,, Stream Size: 97 UserForm1/\x3VBFrame, ASCII text, with CRLF line terminators, Stream Size: 294 UserForm1/f,, Stream Size: 131 UserForm1/i77/\x1CompObj,, Stream Size: 115 UserForm1/i77/f,, Stream Size: 176 UserForm1/i77/i79/\x1CompObj,, Stream Size: 110 UserForm1/i77/i79/f,, Stream Size: 1060 UserForm1/i77/i79/i102/\x1CompObj,, UserForm1/i77/i79/i102/f,, Stream Size: 173 UserForm1/i77/i79/i102/o,, Stream Size: 56 UserForm1/i77/i79/i104/\x1CompObj,, UserForm1/i77/i79/i104/f,, Stream Size: 173 UserForm1/i77/i79/i104/o,, Stream Size: 56 UserForm1/i77/i79/i106/\x1CompObj,, UserForm1/i77/i79/i106/f,, Stream Size: 177 UserForm1/i77/i79/i106/o,, Stream Size: 56 UserForm1/i77/i79/i108/\x1CompObj,, UserForm1/i77/i79/i108/f,, Stream Size: 165 UserForm1/i77/i79/i108/o,, Stream Size: 56 UserForm1/i77/i79/i110/\x1CompObj,, UserForm1/i77/i79/i110/f,, Stream Size: 185 UserForm1/i77/i79/i110/o,, Stream Size: 104 UserForm1/i77/i79/i113/\x1CompObj,, UserForm1/i77/i79/i113/f,, Stream Size: 193 UserForm1/i77/i79/i113/o,, Stream Size: 104 UserForm1/i77/i79/i116/\x1CompObj,, UserForm1/i77/i79/i116/f,, Stream Size: 197 UserForm1/i77/i79/i116/o,, Stream Size: 104 UserForm1/i77/i79/i119/\x1CompObj,, UserForm1/i77/i79/i119/f,, Stream Size: 197 Copyright Joe Security LLC 2017 Page 3 of

4 UserForm1/i77/i79/i119/o,, Stream Size: UserForm1/i77/i79/i121/\x1CompObj,, UserForm1/i77/i79/i121/f,, Stream Size: UserForm1/i77/i79/i121/o,, Stream Size: UserForm1/i77/i79/i124/\x1CompObj,, UserForm1/i77/i79/i124/f,, Stream Size: UserForm1/i77/i79/i124/o,, Stream Size: UserForm1/i77/i79/i126/\x1CompObj,, UserForm1/i77/i79/i126/f,, Stream Size: UserForm1/i77/i79/i126/o,, Stream Size: UserForm1/i77/i79/i129/\x1CompObj,, UserForm1/i77/i79/i129/f,, Stream Size: UserForm1/i77/i79/i129/o,, Stream Size: UserForm1/i77/i79/i132/\x1CompObj,, UserForm1/i77/i79/i132/f,, Stream Size: UserForm1/i77/i79/i132/o,, Stream Size: UserForm1/i77/i79/i134/\x1CompObj,, UserForm1/i77/i79/i134/f,, Stream Size: UserForm1/i77/i79/i134/o,, Stream Size: UserForm1/i77/i79/i136/\x1CompObj,, UserForm1/i77/i79/i136/f,, Stream Size: UserForm1/i77/i79/i136/o,, Stream Size: UserForm1/i77/i79/i171/\x1CompObj,, UserForm1/i77/i79/i171/f,, Stream Size: UserForm1/i77/i79/i171/o,, Stream Size: UserForm1/i77/i79/i173/\x1CompObj,, UserForm1/i77/i79/i173/f,, Stream Size: UserForm1/i77/i79/i173/o,, Stream Size: UserForm1/i77/i79/i175/\x1CompObj,, UserForm1/i77/i79/i175/f,, Stream Size: UserForm1/i77/i79/i175/o,, Stream Size: UserForm1/i77/i79/i178/\x1CompObj,, UserForm1/i77/i79/i178/f,, Stream Size: UserForm1/i77/i79/i178/o,, Stream Size: UserForm1/i77/i79/i181/\x1CompObj,, UserForm1/i77/i79/i181/f,, Stream Size: UserForm1/i77/i79/i181/o,, Stream Size: UserForm1/i77/i79/i183/\x1CompObj,, UserForm1/i77/i79/i183/f,, Stream Size: UserForm1/i77/i79/i183/o,, Stream Size: UserForm1/i77/i79/i185/\x1CompObj,, UserForm1/i77/i79/i185/f,, Stream Size: UserForm1/i77/i79/i185/o,, Stream Size: Copyright Joe Security LLC 2017 Page 4 of 45

5 UserForm1/i77/i79/i192/\x1CompObj,, UserForm1/i77/i79/i192/f,, Stream Size: 185 UserForm1/i77/i79/i192/o,, Stream Size: 56 UserForm1/i77/i79/i97/\x1CompObj,, UserForm1/i77/i79/i97/f,, Stream Size: 209 UserForm1/i77/i79/i97/i99/\x1CompObj,, UserForm1/i77/i79/i97/i99/f,, Stream Size: 156 UserForm1/i77/i79/i97/i99/o,, Stream Size: 104 UserForm1/i77/i79/i97/o,, Stream Size: 56 UserForm1/i77/i79/o,, Stream Size: 56 UserForm1/i77/i80/\x1CompObj,, Stream Size: 110 UserForm1/i77/i80/f,, Stream Size: 48 UserForm1/i77/i80/o, empty, Stream Size: 0 UserForm1/i77/o,, Stream Size: 152 UserForm1/i77/x,, Stream Size: 48 UserForm1/o, empty, Stream Size: 0 VBA/_VBA_PROJECT,, Stream Size: 5054 VBA/ SRP_0,, Stream Size: 1653 VBA/ SRP_1,, Stream Size: 106 VBA/ SRP_2,, Stream Size: 198 VBA/ SRP_3,, Stream Size: 144 VBA/dir,, Stream Size: 952 Network Behavior Code Manipulations Statistics System Behavior Analysis Process: EXCEL.EXE PID: 3288 Parent PID: 2944 File Activities File Created File Written Registry Activities Key Created Disassembly Code Analysis Copyright Joe Security LLC 2017 Page 5 of 45

6 Analysis Report Overview Information Joe Sandbox Version: Analysis ID: Start time: 06:35:29 Joe Sandbox Product: CloudBasic Start date: Overall analysis duration: Hypervisor based Inspection enabled: Report type: 0h 3m 37s Sample file name: SSB SBV Daily Report - Logistics Template DEC '17 (8).xlsm Cookbook file name: false light defaultwindowsofficecookbook.jbs Analysis system description: Windows 7 SP1 (with Office 2010 SP2, IE 11, FF 54, Chrome 60, Acrobat Reader DC 17, Flash 26, Java ) Number of analysed new started processes analysed: 4 Number of new started drivers analysed: 0 Number of existing processes analysed: 0 Number of existing drivers analysed: 0 Number of injected processes analysed: 0 Technologies Detection: Classification: SUS HCA enabled EGA enabled HDC enabled GSI enabled (VBA) sus21.evad.winxlsm@1/4@0/0 HCA Information: Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0 EGA Information: HDC Information: Cookbook Comments: Warnings: Failed Failed Found application associated with file extension:.xlsm Found Word or Excel or PowerPoint document Simulate clicks Number of clicks 1 Close Viewer Show All Exclude process from analysis (whitelisted): WmiApSrv.exe, dllhost.exe Report size getting too big, too many NtOpenKeyEx calls found. Report size getting too big, too many NtQueryValueKey calls found. Report size getting too big, too many NtSetInformationFile calls found. Skipping Hybrid Code Analysis (implementation is based on Java,.Net, VB or Delphi, or parses a document) for: EXCEL.EXE Detection Strategy Score Range Reporting Detection Threshold Report FP / FN Copyright Joe Security LLC 2017 Page 6 of 45

7 Confidence Strategy Score Range Further Analysis Required? Threshold true Confidence Classification Ransomware Miner Spreading malicious malicious malicious Evader Phishing suspicious suspicious suspicious clean clean clean Exploiter Banker Spyware Trojan / Bot Adware Analysis Advice No malicious behavior found, analyze the document also on other version of Office / Acrobat Copyright Joe Security LLC 2017 Page 7 of 45

8 Sample has a GUI, but Joe Sandbox has not found any clickable buttons, likely more UI automation may extend behavior Signature Overview Networking Data Obfuscation System Summary Hooking and other Techniques for Hiding and Protection Click to jump to signature section Networking: Urls found in memory or binary Data Obfuscation: Document contains an embedded VBA with many string operations indicating source code obfuscation System Summary: Checks whether correct version of.net is installed Found graphical window changes (likely an installer) Document is a ZIP file with path names indicative for goodware Checks if Microsoft Office is installed Uses new MSVCR Dlls Binary contains paths to debug symbols Binary contains paths to development resources Classification label Creates temporary files Reads ini files Reads software policies Sample is known by Antivirus (Virustotal or Metascan) Uses an in-process (OLE) Automation server Document contains embedded VBA macros Document misses a certain OLE stream usually present in this Microsoft Office document type Office document includes a Visual Basic Macro Hooking and other Techniques for Hiding and Protection: Disables application error messsages (SetErrorMode) Copyright Joe Security LLC 2017 Page 8 of 45

9 Simulations Behavior and APIs No simulations Antivirus Detection Initial Sample Source Detection Cloud Link SSB SBV Daily Report - Logistics Template DEC '17 (8).xlsm 0% virustotal Browse Dropped Files No Antivirus matches Domains No Antivirus matches Yara Overview Initial Sample No yara matches PCAP (Network Traffic) No yara matches Dropped Files No yara matches Memory Dumps No yara matches Unpacked PEs No yara matches Joe Sandbox View / Context IPs No context Domains No context Copyright Joe Security LLC 2017 Page 9 of 45

10 ASN No context Dropped Files No context Screenshot Startup System is w7 cleanup EXCEL.EXE (PID: 3288 cmdline: 'C:\Program Files\Microsoft Office\Office14\EXCEL.EXE' /dde MD5: EDBB91DA84FC102425BFDA957E) Created / dropped Files C:\Users\HERBBL~1\AppData\Local\Temp\VBE\MSForms.exd MD5: BD20550A E2F7D8E0480A5EE3 Copyright Joe Security LLC 2017 Page 10 of 45

11 C:\Users\HERBBL~1\AppData\Local\Temp\VBE\MSForms.exd SHA1: SHA-256: SHA-512: Malicious: Reputation: 79E3DDBC1A4EA661D2B965E5C949BC8AE2F5D2DF 5C48D5ABF8C5A57409B9BBF4265B328D11401BB300E17B9F2D7D89ED378D76CC 0830CEEFF48EB400A64F9D3BD039876E507E3E46F0EACB52AC25C6660F4D1DD35A51C6AB299B31D536D8A5785CDE7106 DF5566D03B4FA00A7316BB0D63C8DC0E false low C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\SSB SBV Daily Report - Logistics Template DEC '17 (8).LNK MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=sun Sep 24 13:59: , mtime=sun Sep 24 13:59: , atime=sun Dec 31 05:35: , length=79292, window=hide MD5: SHA1: SHA-256: SHA-512: Malicious: Reputation: D15FD6E801A98D9F44F9B2C882E8E3FF A9B8A0B6977A65268FD31C9B02D55 59BECBCD1038FE477F2A6B A454542F D8EBE DFB37A8B46EE8D51B7599FED40FAF D2D1E1972DF5E2A1158DFE6FAB923675C8D251B12242C7430A7A 20BC8D0B32119A4E922C0D false low C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat MD5: SHA1: SHA-256: SHA-512: Malicious: Reputation: ASCII text, with CRLF line terminators BFD56CC4DA6F BF8A77BD7B2 287F2E251E23408D8FF408EA92B2FAE03918CD71 FABD49DA68DF590A8A7955FC4D894207D5ADA28BCFB71FC7F6F92AEF4D84C306 5B9FC2DE3E072AF4C14F79F703A0713F753B85909D6DE4A78E6379E85F16E1745A8BA6EB1653AACAF84C648317F A1FECE17F298C5371B8F161B270BE28 false low C:\Users\user\Desktop\~$SSB SBV Daily Report - Logistics Template DEC '17 (8).xlsm MD5: SHA1: SHA-256: SHA-512: Malicious: Reputation: 3DB57C825E10B373BE838EB89784C B7A62E5D5A234CB3D654A4CDD02F8EAA8BEE0 1C6801A064A0D077FD545EE311F68B65E7F2900C0C0E93A2AA64918AE31BC444 2AB92D7DAD022614DE5FDAD6378EE2D3E4796AFCC98DA3C6D96A475A1EE4773DB9DCB687B6A651EF9EC2201B688ED2 F0557A92DCDC5B7CA86F9B966A82A1C563 true moderate, very likely benign file Contacted Domains/Contacted IPs Contacted Domains No contacted domains info Contacted IPs No contacted IP infos Static File Info File type: Microsoft Excel TrID: Excel Microsoft Office Open XML Format document with Macro (57504/1) 51.34% Excel Microsoft Office Open XML Format document (50504/1) 45.09% ZIP compressed archive (4004/1) 3.57% File name: SSB SBV Daily Report - Logistics Template DEC '17 (8).xlsm File size: MD5: SHA1: eb396b45d9cbf6e9c3d021b113329f59 845fb107b ea7655f4a9783cc3fd238 Copyright Joe Security LLC 2017 Page 11 of 45

12 SHA256: SHA512: bff cf74c135a05c97ce0488bbfdb5f3dd24 dde51d069c5142b1 3e55dd48f4c8bc82d7e59c7a42dc904ecd51582cebc e5a05d75d75d911821bade e63654d c1ea6017f9aebb05b3be9928da3072bc3192 File Content Preview: PK...!.*q...[Content_Types].xml...( File Icon Static OLE Info Document Type: OpenXML Number of OLE Files: 1 OLE File "xl/vbaproject.bin" Indicators Has Summary Info: Application Name: unknown Encrypted Document: Contains Word Document Stream: Contains Workbook/Book Stream: Contains PowerPoint Document Stream: Contains Visio Document Stream: Contains ObjectPool Stream: Flash Objects Count: 0 Contains VBA Macros: True Streams with VBA VBA File Name: Module1.bas, Stream Size: 1712 VBA File Name: Stream Size: 1712 VBA/Module1 Module1.bas : > 1 P x M E Data Raw: f c d b ff ff ff ff 3a ba e ff ff ff b6 00 ff ff ff ff ff ff ff ff ff ff VBA Code Keywords Keyword Call_UF() Attribute Clear_month.VB_ProcData.VB_Invoke_Func Clear_month() VB_Name Selection.ClearContents Macro VBA Code VBA File Name: Sheet1.cls, Stream Size: 977 Copyright Joe Security LLC 2017 Page 12 of 45

13 VBA File Name: Stream Size: 977 VBA/Sheet1 Sheet1.cls > # x M E Data Raw: f c d ff ff ff ff cb f e d ff ff b6 00 ff ff ff ff ff ff ff ff ff ff ff ff VBA Code Keywords Keyword VB_Exposed Attribute VB_Name VB_Creatable VB_PredeclaredId VB_GlobalNameSpace VB_Base VB_Customizable VB_TemplateDerived VBA Code VBA File Name: Sheet2.cls, Stream Size: 977 VBA File Name: Stream Size: 977 VBA/Sheet2 Sheet2.cls > 1 ` a.... # x M E Data Raw: f c d ff ff ff ff cb f e ff ff b6 00 ff ff ff ff ff ff ff ff ff ff ff ff VBA Code Keywords Keyword VB_Exposed Attribute VB_Name VB_Creatable VB_PredeclaredId VB_GlobalNameSpace VB_Base VB_Customizable VB_TemplateDerived VBA Code VBA File Name: Sheet3.cls, Stream Size: 977 VBA/Sheet3 VBA File Name: Sheet3.cls Stream Size: 977 Copyright Joe Security LLC 2017 Page 13 of 45

14 > # x M E Data Raw: f c d ff ff ff ff cb f e 31 a0 7f ff ff b6 00 ff ff ff ff ff ff ff ff ff ff ff ff VBA Code Keywords Keyword VB_Exposed Attribute VB_Name VB_Creatable VB_PredeclaredId VB_GlobalNameSpace VB_Base VB_Customizable VB_TemplateDerived VBA Code VBA File Name: Sheet4.cls, Stream Size: 977 VBA File Name: Stream Size: 977 VBA/Sheet4 Sheet4.cls > 1. I.... # x M E Data Raw: f c d ff ff ff ff cb f e 31 be ff ff b6 00 ff ff ff ff ff ff ff ff ff ff ff ff VBA Code Keywords Keyword VB_Exposed Attribute VB_Name VB_Creatable VB_PredeclaredId VB_GlobalNameSpace VB_Base VB_Customizable VB_TemplateDerived VBA Code VBA File Name: Sheet5.cls, Stream Size: 977 VBA File Name: Stream Size: 977 VBA/Sheet5 Sheet5.cls > # x M E Copyright Joe Security LLC 2017 Page 14 of 45

15 Data Raw: f c d ff ff ff ff cb f e 31 fd be ff ff b6 00 ff ff ff ff ff ff ff ff ff ff ff ff VBA Code Keywords Keyword VB_Exposed Attribute VB_Name VB_Creatable VB_PredeclaredId VB_GlobalNameSpace VB_Base VB_Customizable VB_TemplateDerived VBA Code VBA File Name: ThisWorkbook.cls, Stream Size: 985 VBA File Name: Stream Size: 985 VBA/ThisWorkbook ThisWorkbook.cls > 1 B..... # x M E Data Raw: f c d ff ff ff ff cb f e d ff ff b6 00 ff ff ff ff ff ff ff ff ff ff ff ff VBA Code Keywords Keyword VB_Exposed Attribute VB_Name VB_Creatable "ThisWorkbook" VB_PredeclaredId VB_GlobalNameSpace VB_Base VB_Customizable VB_TemplateDerived VBA Code VBA File Name: UserForm1.frm, Stream Size: VBA File Name: Stream Size: VBA/UserForm1 UserForm1.frm L s ' > 1 K x M E Data Raw: f d c ff ff ff ff e 31 4b 7f ff ff b6 00 ff ff ff ff ff ff ff ff ff ff ff ff Copyright Joe Security LLC 2017 Page 15 of 45

16 VBA Code Keywords Keyword 'Last Format(Sheets("Capture").Range("A" VB_Base VB_Creatable VB_Exposed Attribute VB_PredeclaredId VB_GlobalNameSpace Sheets("Capture").Range("A" VB_Name Private VB_Customizable VB_TemplateDerived "HH:MM") VBA Code Streams PROJECT, ASCII text, with CRLF line terminators, Stream Size: 769 Stream Size: 769 PROJECT Entropy: ASCII text, with CRLF line terminators True I D = " { A 2 F 6 8 A 8 D - D E C A D F 6 D 2 1 } ".. D o c u m e n t = T h i s W o r k b o o k / & H D o c u m e n t = S h e e t 1 / & H D o c u m e n t = S h e e t 2 / & H P a c k a g e = { A C 9 F 2 F E C E - 9 F A A A 4 F }.. B a s e C l a s s = U s e r F o r m 1.. M o d u l e = M o d u l e 1.. D o c u m e n t = S h e e t 3 / & H D o c u m e n t Data Raw: d 22 7b d d d d d 22 0d 0a 44 6f d 65 6e 74 3d f 72 6b 62 6f 6f 6b 2f d 0a 44 6f d 65 6e 74 3d f d 0a 44 6f d 65 6e 74 3d f PROJECTwm,, Stream Size: 200 Stream Size: 200 PROJECTwm Entropy: T h i s W o r k b o o k. T. h. i. s. W. o. r. k. b. o. o. k... S h e e t 1. S. h. e. e. t S h e e t 2. S. h. e. e. t U s e r F o r m 1. U. s. e. r. F. o. r. m M o d u l e 1. M. o. d. u. l. e S h e e t 3. S. h. e. e. t S h e e t 4. S. h. e. e. t S h e e t 5. S. h. e. e. t Data Raw: f 72 6b 62 6f 6f 6b f b f 00 6f 00 6b f 72 6d f d d 6f c d 00 6f c UserForm1/\x1CompObj,, Stream Size: 97 UserForm1/\x1CompObj Stream Size: 97 Entropy: Copyright Joe Security LLC 2017 Page 16 of 45

17 M i c r o s o f t F o r m s 2. 0 F o r m..... E m b e d d e d O b j e c t q Data Raw: fe ff 03 0a ff ff ff ff d f 73 6f f 72 6d e f 72 6d d f 62 6a f4 39 b UserForm1/\x3VBFrame, ASCII text, with CRLF line terminators, Stream Size: 294 Stream Size: 294 UserForm1/\x3VBFrame Entropy: ASCII text, with CRLF line terminators V E R S I O N B e g i n { C 6 2 A 6 9 F D C C E - 9 E A A A 4 F } U s e r F o r m 1.. C a p t i o n = " U s e r F o r m 1 ".. C l i e n t H e i g h t = C l i e n t L e f t = C l i e n t T o p = C l i e n t W i d t h = S t a r t U p P o s i t i o n = 1 ' C e n t e r O w Data Raw: True f 4e e d 0a e 20 7b d d d d d f 72 6d d 0a f 6e d f 72 6d d 0a c e d 20 UserForm1/f,, Stream Size: 131 Stream Size: 131 UserForm1/f Entropy: $ }... Y.. K R K. Q D B... T a h o m a ( M... # M u l t i P a g e Data Raw: c 10 0c c ff ff f d b e3 0b 91 8f ce 11 9d e3 00 aa 00 4b b f 6d d a d d 75 6c e UserForm1/i77/\x1CompObj,, Stream Size: 115 Stream Size: 115 UserForm1/i77/\x1CompObj Entropy: p.. F z? a M i c r o s o f t F o r m s 2. 0 F o r m..... E m b e d d e d O b j e c t..... F o r m s. M u l t i P a g e q Data Raw: fe ff 03 0a ff ff ff ff e3 46 7a 3f ce 11 be d6 00 aa d f 73 6f f 72 6d e f 72 6d d f 62 6a f 72 6d 73 2e 4d 75 6c UserForm1/i77/f,, Stream Size: 176 Stream Size: 176 UserForm1/i77/f Entropy: $. H p.... }.. L Y p N $ O... # P a g e 1 O n ,..... $ P...! P a g e 2 O n , Data Raw: c 00 0c c c d c e e d f f 6e c d Copyright Joe Security LLC 2017 Page 17 of 45

18 UserForm1/i77/i79/\x1CompObj,, Stream Size: 110 Stream Size: 110 Entropy: Data Raw: UserForm1/i77/i79/\x1CompObj i * W J O.... M i c r o s o f t F o r m s 2. 0 F o r m..... E m b e d d e d O b j e c t..... F o r m s. F o r m q fe ff 03 0a ff ff ff ff f0 69 2a c6 dc 16 ce 11 9e aa a 4f d f 73 6f f 72 6d e f 72 6d d f 62 6a d f 72 6d 73 2e 46 6f 72 6d 2e f4 39 b UserForm1/i77/i79/f,, Stream Size: 1060 Stream Size: 1060 UserForm1/i77/i79/f Entropy: $. H C.... }... X r.. $ a... # F r a m e $ f... # F r a m e $ h... # F r a m e $ j... # F r a m e $ l... # F r a m e $. Data Raw: c 00 0c c d e f d e d ca d e d UserForm1/i77/i79/i102/\x1CompObj,, UserForm1/i77/i79/i102/\x1CompObj n ` ` M i c r o s o f t F o r m s 2. 0 F r a m e..... E m UserForm1/i77/i79/i102/f,, Stream Size: 173 Stream Size: 173 UserForm1/i77/i79/i102/f Entropy: H... g } N E D A r e a / R e g i o n.. R K. Q D B... T a h o m h o A g C o m b o B o x 2 E e N E D _ R E G I O N e. Data Raw: c 1a 0c f ff ff d f e f f 6e e3 0b 91 8f ce 11 9d e3 00 aa 00 4b b f 6d f e UserForm1/i77/i79/i102/o,, Stream Size: 56 UserForm1/i77/i79/i102/o Stream Size: 56 Entropy: Copyright Joe Security LLC 2017 Page 18 of 45

19 .... A H.,.... ]... { T a h o m a.. Data Raw: b c d b a f 6d UserForm1/i77/i79/i104/\x1CompObj,, UserForm1/i77/i79/i104/\x1CompObj n ` ` M i c r o s o f t F o r m s 2. 0 F r a m e..... E m UserForm1/i77/i79/i104/f,, Stream Size: 173 Stream Size: 173 UserForm1/i77/i79/i104/f Entropy: H... i } R u n / T e a m N u m b e r.. R K. Q D B... T a h o m h o A i C o m b o B o x 3 N e R U N _ N U M B E R e. Data Raw: c 1a 0c f ff ff d f e 2f d 20 4e 75 6d e3 0b 91 8f ce 11 9d e3 00 aa 00 4b b f 6d f e UserForm1/i77/i79/i104/o,, Stream Size: 56 Stream Size: 56 UserForm1/i77/i79/i104/o Entropy: A H.,.... ]... { T a h o m a.. Data Raw: b c d b a f 6d 61 7f 00 UserForm1/i77/i79/i106/\x1CompObj,, UserForm1/i77/i79/i106/\x1CompObj n ` ` M i c r o s o f t F o r m s 2. 0 F r a m e..... E m UserForm1/i77/i79/i106/f,, Stream Size: 177 UserForm1/i77/i79/i106/f Stream Size: 177 Entropy: Copyright Joe Security LLC 2017 Page 19 of 45

20 .. D. H... k } V e h i c l e R e g i s t r a t o n. R K. Q D B... T a h o m h o A k C o m b o B o x 4 R e V E H I C L E _ R E G. Data Raw: c 1a 0c 6b ff ff d f c f 6e e3 0b 91 8f ce 11 9d e3 00 aa 00 4b b f 6d f e UserForm1/i77/i79/i106/o,, Stream Size: 56 Stream Size: 56 UserForm1/i77/i79/i106/o Entropy: A H.,.... ]... { T a h o m a x 2 Data Raw: b c d b a f 6d UserForm1/i77/i79/i108/\x1CompObj,, UserForm1/i77/i79/i108/\x1CompObj n ` ` M i c r o s o f t F o r m s 2. 0 F r a m e..... E m UserForm1/i77/i79/i108/f,, Stream Size: 165 Stream Size: 165 UserForm1/i77/i79/i108/f Entropy: H. H... m } T o t a l S B V s t a f f o n t r u c k. R K. Q D B... T a h o m a h o.. ( m C o m b o B o x 9 E G Data Raw: c 1a 0c 6d ff ff d f f c f 6e b e3 0b 91 8f ce 11 9d e3 00 aa 00 4b b f 6d f e UserForm1/i77/i79/i108/o,, Stream Size: 56 Stream Size: 56 UserForm1/i77/i79/i108/o Entropy: A H.,.... q... { T a h o m a 3. Data Raw: b c b a f 6d UserForm1/i77/i79/i110/\x1CompObj,, UserForm1/i77/i79/i110/\x1CompObj Copyright Joe Security LLC 2017 Page 20 of 45

21 n ` ` M i c r o s o f t F o r m s 2. 0 F r a m e..... E m UserForm1/i77/i79/i110/f,, Stream Size: 185 Stream Size: 185 UserForm1/i77/i79/i110/f Entropy: H... p } D u t y O n.. R K. Q D B... T a h o m a.... T o.. $ o T e x t B o x $ p T e x t B o x 2 " Data Raw: c 1a 0c ff ff d f f 6e 0a e3 0b 91 8f ce 11 9d e3 00 aa 00 4b b f 6d f e f UserForm1/i77/i79/i110/o,, Stream Size: 104 Stream Size: 104 UserForm1/i77/i79/i110/o Entropy: H., {... { T a h o m a t e H., {... { T a h o m a t e Data Raw: b c 7b b a f 6d b c 7b b a f 6d UserForm1/i77/i79/i113/\x1CompObj,, UserForm1/i77/i79/i113/\x1CompObj n ` ` M i c r o s o f t F o r m s 2. 0 F r a m e..... E m UserForm1/i77/i79/i113/f,, Stream Size: 193 Stream Size: 193 UserForm1/i77/i79/i113/f Entropy: H... s } T i m e B a s e D e p a r t. R K. Q D B... T a h o m a.... T o.. $ r T e x t B o x $ s T e x t B o x 4 " Data Raw: c 1a 0c ff ff d f d e3 0b 91 8f ce 11 9d e3 00 aa 00 4b b f 6d f e Copyright Joe Security LLC 2017 Page 21 of 45

22 UserForm1/i77/i79/i113/o,, Stream Size: 104 Stream Size: 104 UserForm1/i77/i79/i113/o Entropy: H., {... { T a h o m a e H., {.. { T a h o m a e 6 Data Raw: b c 7b b a f 6d b c 7b b a f 6d UserForm1/i77/i79/i116/\x1CompObj,, UserForm1/i77/i79/i116/\x1CompObj n ` ` M i c r o s o f t F o r m s 2. 0 F r a m e..... E m UserForm1/i77/i79/i116/f,, Stream Size: 197 Stream Size: 197 UserForm1/i77/i79/i116/f Entropy: D. H... v } A r r i v a l F i r s t S i t e t. R K. Q D B... T a h o m a.... T o.. $ u T e x t B o x $ v T e x t B o x 6 " Data Raw: c 1a 0c ff ff d f c e3 0b 91 8f ce 11 9d e3 00 aa 00 4b b f 6d f e UserForm1/i77/i79/i116/o,, Stream Size: 104 Stream Size: 104 UserForm1/i77/i79/i116/o Entropy: H., {... { T a h o m a / H., {.. { T a h o m a /. Data Raw: b c 7b b a f 6d 61 2f b c 7b b a f 6d 61 2f 00 UserForm1/i77/i79/i119/\x1CompObj,, UserForm1/i77/i79/i119/\x1CompObj n ` ` M i c r o s o f t F o r m s 2. 0 F r a m e..... E m Copyright Joe Security LLC 2017 Page 22 of 45

23 UserForm1/i77/i79/i119/f,, Stream Size: 197 Stream Size: 197 UserForm1/i77/i79/i119/f Entropy: P. H... x } A T M T e r m i n a l N u m b e r - F i r s t S i t e O.. R K. Q D B... T a h o m a.... H..... h A x C o m b o B o x 7 E G A T M _ T E R M I N A L _ N U M B E R t Data Raw: c 1a 0c e ff ff d f d d 69 6e 61 6c 20 4e 75 6d d f e3 0b 91 8f ce 11 9d e3 00 aa 00 4b b f 6d UserForm1/i77/i79/i119/o,, Stream Size: 56 Stream Size: 56 UserForm1/i77/i79/i119/o Entropy: A H.,.... ]... { T a h o m a x 8 Data Raw: b c d b a f 6d UserForm1/i77/i79/i121/\x1CompObj,, UserForm1/i77/i79/i121/\x1CompObj n ` ` M i c r o s o f t F o r m s 2. 0 F r a m e..... E m UserForm1/i77/i79/i121/f,, Stream Size: 197 Stream Size: 197 UserForm1/i77/i79/i121/f Entropy: D. H... { } L a s t S i t e D e p a r t u r e t. R K. Q D B... T a h o m a.... T o.. $ z T e x t B o x $ { T e x t B o x 8 " Data Raw: c 1a 0c 7b ff ff d f c e3 0b 91 8f ce 11 9d e3 00 aa 00 4b b f 6d f e UserForm1/i77/i79/i121/o,, Stream Size: 104 UserForm1/i77/i79/i121/o Copyright Joe Security LLC 2017 Page 23 of 45

24 Stream Size: 104 Entropy: H., {... { T a h o m a H., {.. { T a h o m a.. Data Raw: b c 7b b a f 6d 61 ff ff b c 7b b a f 6d 61 ff ff UserForm1/i77/i79/i124/\x1CompObj,, UserForm1/i77/i79/i124/\x1CompObj n ` ` M i c r o s o f t F o r m s 2. 0 F r a m e..... E m UserForm1/i77/i79/i124/f,, Stream Size: 197 Stream Size: 197 UserForm1/i77/i79/i124/f Entropy: P. H... } } A T M T e r m i n a l N u m b e r - L a s t S i t e.. R K. Q D B... T a h o m a.... H..... h A } C o m b o B o x 8 E G A T M _ T E R M I N A L _ N U M B E R t Data Raw: c 1a 0c 7d f ff ff d f d d 69 6e 61 6c 20 4e 75 6d d 20 4c e3 0b 91 8f ce 11 9d e3 00 aa 00 4b b f 6d UserForm1/i77/i79/i124/o,, Stream Size: 56 Stream Size: 56 UserForm1/i77/i79/i124/o Entropy: A H.,.... ]... { T a h o m a x 9 Data Raw: b c d b a f 6d UserForm1/i77/i79/i126/\x1CompObj,, UserForm1/i77/i79/i126/\x1CompObj n ` ` M i c r o s o f t F o r m s 2. 0 F r a m e..... E m UserForm1/i77/i79/i126/f,, Stream Size: 193 Copyright Joe Security LLC 2017 Page 24 of 45

25 Stream Size: 193 UserForm1/i77/i79/i126/f Entropy: <. H } A r r i v a l B a s e. R K. Q D B... T a h o m a.... X o.. $ T e x t B o x ( T e x t B o x 1 0 E G. " Data Raw: c c 1a 0c c ff ff d f c e3 0b 91 8f ce 11 9d e3 00 aa 00 4b b f 6d f e f UserForm1/i77/i79/i126/o,, Stream Size: 104 Stream Size: 104 UserForm1/i77/i79/i126/o Entropy: H., {... { T a h o m a H., {.. { T a h o m a.. Data Raw: b c 7b b a f 6d 61 ff ff b c 7b b a f 6d 61 ff ff UserForm1/i77/i79/i129/\x1CompObj,, UserForm1/i77/i79/i129/\x1CompObj n ` ` M i c r o s o f t F o r m s 2. 0 F r a m e..... E m UserForm1/i77/i79/i129/f,, Stream Size: 193 Stream Size: 193 UserForm1/i77/i79/i129/f Entropy: H } O f f D u t y. R K. Q D B... T a h o m a.... \\ o.. ( T e x t B o x 1 3 E G ( T e x t B o x 1 4 E G. " Data Raw: c 1a 0c ff ff d f f e3 0b 91 8f ce 11 9d e3 00 aa 00 4b b f 6d c f e UserForm1/i77/i79/i129/o,, Stream Size: 104 Stream Size: 104 UserForm1/i77/i79/i129/o Entropy: H., {... { T a h o m a H., {.. { T a h o m a 7 9 Copyright Joe Security LLC 2017 Page 25 of 45

26 Data Raw: b c 7b b a f 6d b c 7b b a f 6d UserForm1/i77/i79/i132/\x1CompObj,, UserForm1/i77/i79/i132/\x1CompObj n ` ` M i c r o s o f t F o r m s 2. 0 F r a m e..... E m UserForm1/i77/i79/i132/f,, Stream Size: 157 Stream Size: 157 UserForm1/i77/i79/i132/f Entropy: H } S t a r t i n g M i l e a g e. R K. Q D B... T a h o m a h o.. ( T e x t B o x 1 5 E G Data Raw: c 1a 0c ff ff d f e d 69 6c e3 0b 91 8f ce 11 9d e3 00 aa 00 4b b f 6d f e UserForm1/i77/i79/i132/o,, Stream Size: 52 Stream Size: 52 UserForm1/i77/i79/i132/o Entropy: H.,.... { T a h o m a.. Data Raw: b c bf 0a b a f 6d 61 ff ff UserForm1/i77/i79/i134/\x1CompObj,, UserForm1/i77/i79/i134/\x1CompObj n ` ` M i c r o s o f t F o r m s 2. 0 F r a m e..... E m UserForm1/i77/i79/i134/f,, Stream Size: 157 UserForm1/i77/i79/i134/f Stream Size: 157 Entropy: Copyright Joe Security LLC 2017 Page 26 of 45

27 H } E n d i n g M i l e a g e r t R K. Q D B... T a h o m a h o.. ( T e x t B o x 1 6 E G Data Raw: c 1a 0c e ff ff d f e e d 69 6c e3 0b 91 8f ce 11 9d e3 00 aa 00 4b b f 6d f e UserForm1/i77/i79/i134/o,, Stream Size: 52 Stream Size: 52 UserForm1/i77/i79/i134/o Entropy: H.,.... { T a h o m a 7. Data Raw: b c bf 0a b a f 6d ff UserForm1/i77/i79/i136/\x1CompObj,, UserForm1/i77/i79/i136/\x1CompObj n ` ` M i c r o s o f t F o r m s 2. 0 F r a m e..... E m UserForm1/i77/i79/i136/f,, Stream Size: 281 Stream Size: 281 UserForm1/i77/i79/i136/f Entropy: H } R u n D a t e. R K. Q D B... T a h o m a o.. ( T e x t B o x 2 0 / S u ( T e x t B o x 2 1 / S u " ( T e x t B o x 2 2 / S u q ( X.. Data Raw: c 1a 0c be ff ff d f e e3 0b 91 8f ce 11 9d e3 00 aa 00 4b b f 6d b f e UserForm1/i77/i79/i136/o,, Stream Size: 244 Stream Size: 244 UserForm1/i77/i79/i136/o Entropy: H., {... { T a h o m a / H., {.. { T a h o m a / H., "... { T a h o m a / F i P / H o l i d a y / S u n d a y T a h o m a.. Data Raw: b c 7b b a f 6d 61 2f b c 7b b a f 6d 61 2f b c b Copyright Joe Security LLC 2017 Page 27 of 45

28 UserForm1/i77/i79/i171/\x1CompObj,, UserForm1/i77/i79/i171/\x1CompObj n ` ` M i c r o s o f t F o r m s 2. 0 F r a m e..... E m UserForm1/i77/i79/i171/f,, Stream Size: 185 Stream Size: 185 UserForm1/i77/i79/i171/f Entropy: L. H } T o t a l S B V s t a f f o n s t a n d b y... R K. Q D B... T a h o m h o A C o m b o B o x 1 0 S u N U M B E R _ S T A F F Data Raw: c c 1a 0c ac a ff ff d f f c f 6e e e3 0b 91 8f ce 11 9d e3 00 aa 00 4b b f 6d f UserForm1/i77/i79/i171/o,, Stream Size: 56 Stream Size: 56 UserForm1/i77/i79/i171/o Entropy: A H.,.... q... { T a h o m a.. Data Raw: b c b a f 6d 61 c4 0a UserForm1/i77/i79/i173/\x1CompObj,, UserForm1/i77/i79/i173/\x1CompObj n ` ` M i c r o s o f t F o r m s 2. 0 F r a m e..... E m UserForm1/i77/i79/i173/f,, Stream Size: 185 Stream Size: 185 UserForm1/i77/i79/i173/f Entropy: L. H } T o t a l S B V s t a f f o n c a l l o u t.. R K. Q D B... T a h o m h o A C o m b o B o x 1 1 F F N U M B E R _ S T A F F Copyright Joe Security LLC 2017 Page 28 of 45

Similar documents

ID: Sample Name: PO xls Cookbook: defaultwindowsofficecookbook.jbs Time: 03:13:36 Date: 08/01/2018 Version:

ID: Sample Name: PO xls Cookbook: defaultwindowsofficecookbook.jbs Time: 03:13:36 Date: 08/01/2018 Version: ID: 41861 Sample Name: PO65445465.xls Cookbook: defaultwindowsofficecookbook.jbs Time: 03::36 Date: 08/01/2018 Version: 20.0.0 Table of Contents Analysis Report Overview Information Detection Confidence

More information

ID: Sample Name: Commercial Card Services CTO Quality Control Checklist v9.docm Cookbook: defaultwindowsofficecookbook.jbs Time: 15:55:50 Date:

ID: Sample Name: Commercial Card Services CTO Quality Control Checklist v9.docm Cookbook: defaultwindowsofficecookbook.jbs Time: 15:55:50 Date: ID: 244 Sample Name: Commercial Card Services CTO Quality Control Checklist v9.docm Cookbook: defaultwindowsofficecookbook.jbs Time: 15:55:50 Date: 05/10/201 Version: 24.0.0 Fire Opal Table of Contents

More information

ID: Sample Name: Commercial Card Services CTO Quality Control Checklist v9.docm Cookbook: defaultwindowsofficecookbook.jbs Time: 15:52:31 Date:

ID: Sample Name: Commercial Card Services CTO Quality Control Checklist v9.docm Cookbook: defaultwindowsofficecookbook.jbs Time: 15:52:31 Date: ID: 244 Sample Name: Commercial Card Services CTO Quality Control Checklist v9.docm Cookbook: defaultwindowsofficecookbook.jbs Time: 15:52:31 Date: 05/10/201 Version: 24.0.0 Fire Opal Table of Contents

More information

ID: Sample Name: FsQHOWXph8.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 20:31:13 Date: 16/03/2018 Version:

ID: Sample Name: FsQHOWXph8.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 20:31:13 Date: 16/03/2018 Version: ID: 50648 Sample Name: FsQHOWXph8.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 20:31: Date: 16/03/2018 Version: 22.0.0 Table of Contents Analysis Report Overview Information Detection Confidence

More information

ID: Sample Name: test.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 18:57:54 Date: 12/04/2018 Version:

ID: Sample Name: test.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 18:57:54 Date: 12/04/2018 Version: ID: 54427 Sample Name: test.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 18:57:54 Date: /04/2018 Version: 22.0.0 Table of Contents Analysis Report Overview Information Detection Confidence Classification

More information

ID: Sample Name: SSI Set Details.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 01:14:07 Date: 13/04/2018 Version: 22.0.

ID: Sample Name: SSI Set Details.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 01:14:07 Date: 13/04/2018 Version: 22.0. ID: 54478 Sample Name: SSI Set Details.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 01:14:07 Date: /04/2018 Version: 22.0.0 Table of Contents Analysis Report Overview Information Detection Confidence

More information

ID: Sample Name: FD-1 Phase Out Notice.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 14:36:29 Date: 04/05/2018 Version: 22.0.

ID: Sample Name: FD-1 Phase Out Notice.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 14:36:29 Date: 04/05/2018 Version: 22.0. ID: 5762 Sample Name: FD-1 Phase Out Notice.doc Cookbook: defaultwindowsofficecookbook.jbs Time: :36:2 Date: 04/05/2018 Version: 22.0.0 Table of Contents Analysis Report Overview Information Detection

More information

ID: Sample Name: Luxus.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 10:22:08 Date: 09/01/2018 Version:

ID: Sample Name: Luxus.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 10:22:08 Date: 09/01/2018 Version: ID: 42035 Sample Name: Luxus.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 10:22:08 Date: 09/01/2018 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview Information Detection

More information

ID: Sample Name: Liste_az.docx Cookbook: defaultwindowsofficecookbook.jbs Time: 00:17:54 Date: 30/12/2017 Version:

ID: Sample Name: Liste_az.docx Cookbook: defaultwindowsofficecookbook.jbs Time: 00:17:54 Date: 30/12/2017 Version: ID: 41280 Sample Name: Liste_az.docx Cookbook: defaultwindowsofficecookbook.jbs Time: 00:17:54 Date: 30/12/2017 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview Information

More information

ID: Sample Name: MSM- 24_Supply_List RU_518.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 17:15:48 Date: 19/06/2018 Version: 22.0.

ID: Sample Name: MSM- 24_Supply_List RU_518.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 17:15:48 Date: 19/06/2018 Version: 22.0. ID: 64635 Sample Name: MSM- 24_Supply_List RU_518.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 17::48 Date: 1/06/2018 Version: 22.0.0 Table of Contents Analysis Report Overview Information Detection

More information

ID: Sample Name: TO_HM_CROWN PR#U0130NCE MOHAMMED B#U0130N SALMAN - Dear Prime Minister.doc Cookbook: defaultwindowsofficecookbook.

ID: Sample Name: TO_HM_CROWN PR#U0130NCE MOHAMMED B#U0130N SALMAN - Dear Prime Minister.doc Cookbook: defaultwindowsofficecookbook. ID: 63341 Sample Name: TO_HM_CROWN PR#U0130NCE MOHAMMED B#U0130N SALMAN - Dear Prime Minister.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 08:43:14 Date: 10/06/2018 Version: 22.0.0 Table of Contents

More information

ID: Sample Name: MobaXterm_installer.dat Cookbook: default.jbs Time: 18:29:43 Date: 25/05/2018 Version:

ID: Sample Name: MobaXterm_installer.dat Cookbook: default.jbs Time: 18:29:43 Date: 25/05/2018 Version: ID: 1259 Sample Name: MobaXterm_installer.dat Cookbook: default.jbs Time: 1:29:43 Date: 25/05/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection

More information

ID: Sample Name: Dxd1yOZMU1.bin Cookbook: defaultwindowsofficecookbook.jbs Time: 09:43:59 Date: 21/10/2017 Version:

ID: Sample Name: Dxd1yOZMU1.bin Cookbook: defaultwindowsofficecookbook.jbs Time: 09:43:59 Date: 21/10/2017 Version: ID: 34788 Sample Name: Dxd1yOZMU1.bin Cookbook: defaultwindowsofficecookbook.jbs Time: 0:43:5 Date: 21/10/2017 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information

More information

ID: Sample Name: image002 Cookbook: default.jbs Time: 18:19:28 Date: 18/05/2018 Version:

ID: Sample Name: image002 Cookbook: default.jbs Time: 18:19:28 Date: 18/05/2018 Version: ID: 0309 Sample Name: image002 Cookbook: default.jbs Time: 1:19:2 Date: 1/05/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification

More information

ID: Sample Name: emotet.exe Cookbook: defaultwindowsofficecookbook.jbs Time: 07:07:14 Date: 07/11/2017 Version:

ID: Sample Name: emotet.exe Cookbook: defaultwindowsofficecookbook.jbs Time: 07:07:14 Date: 07/11/2017 Version: ID: 3626 Sample Name: emotet.exe Cookbook: defaultwindowsofficecookbook.jbs Time: 0:0:14 Date: 0/11/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview Information Detection

More information

ID: Sample Name: test.txt Cookbook: default.jbs Time: 13:18:36 Date: 31/03/2018 Version:

ID: Sample Name: test.txt Cookbook: default.jbs Time: 13:18:36 Date: 31/03/2018 Version: ID: 5250 Sample Name: test.txt Cookbook: default.jbs Time: 13:18:3 Date: 31/03/2018 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Sample Name: text_0.txt Cookbook: default.jbs Time: 16:20:15 Date: 12/01/2018 Version:

ID: Sample Name: text_0.txt Cookbook: default.jbs Time: 16:20:15 Date: 12/01/2018 Version: ID: 4253 Sample Name: text_0.txt Cookbook: default.jbs Time: 1:20:15 Date: 12/01/2018 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Sample Name: dronefly.apk Cookbook: default.jbs Time: 10:24:54 Date: 07/06/2018 Version:

ID: Sample Name: dronefly.apk Cookbook: default.jbs Time: 10:24:54 Date: 07/06/2018 Version: ID: 001 Sample Name: dronefly.apk Cookbook: default.jbs Time: 10:24:4 Date: 0/0/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Sample Name: js.jar Cookbook: defaultwindowsfilecookbook.jbs Time: 10:01:15 Date: 26/09/2018 Version:

ID: Sample Name: js.jar Cookbook: defaultwindowsfilecookbook.jbs Time: 10:01:15 Date: 26/09/2018 Version: ID: 80115 Sample Name: js.jar Cookbook: defaultwindowsfilecookbook.jbs Time: 10:01:15 Date: 26/09/2018 Version: 23.0.0 Table of Contents Table of Contents Analysis Report js.jar Overview General Information

More information

ID: Sample Name: faktury_pdf.rar Cookbook: default.jbs Time: 12:24:33 Date: 15/12/2017 Version:

ID: Sample Name: faktury_pdf.rar Cookbook: default.jbs Time: 12:24:33 Date: 15/12/2017 Version: ID: 4019 Sample Name: faktury_pdf.rar Cookbook: default.jbs Time: 12:24: Date: 1/12/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Sample Name: 5GeZNwROcB.bin Cookbook: default.jbs Time: 15:22:54 Date: 30/11/2017 Version:

ID: Sample Name: 5GeZNwROcB.bin Cookbook: default.jbs Time: 15:22:54 Date: 30/11/2017 Version: ID: 82 Sample Name: GeZNwROcB.bin Cookbook: default.jbs Time: 1:22:4 Date: 0/11/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Sample Name: maintools.js Cookbook: default.jbs Time: 15:43:35 Date: 17/02/2018 Version:

ID: Sample Name: maintools.js Cookbook: default.jbs Time: 15:43:35 Date: 17/02/2018 Version: ID: 48 Sample Name: maintools.js Cookbook: default.jbs Time: 1:43:3 Date: 1/02/2018 Version: 21.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Sample Name: gpg4win exe.sig Cookbook: default.jbs Time: 21:44:31 Date: 02/02/2018 Version:

ID: Sample Name: gpg4win exe.sig Cookbook: default.jbs Time: 21:44:31 Date: 02/02/2018 Version: ID: Sample Name: gpgwin-.0..exe.sig Cookbook: default.jbs Time: 21::1 Date: 02/02/2018 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Sample Name: test Cookbook: default.jbs Time: 09:46:13 Date: 21/05/2018 Version:

ID: Sample Name: test Cookbook: default.jbs Time: 09:46:13 Date: 21/05/2018 Version: ID: 042 Sample Name: test Cookbook: default.jbs Time: 09:4:1 Date: 21/0/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification

More information

ID: Sample Name: vlaue.exe Cookbook: default.jbs Time: 18:54:49 Date: 26/01/2018 Version:

ID: Sample Name: vlaue.exe Cookbook: default.jbs Time: 18:54:49 Date: 26/01/2018 Version: ID: 44024 Sample Name: vlaue.exe Cookbook: default.jbs Time: 18:4:49 Date: 2/01/2018 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Sample Name: testfiletestfile.txt Cookbook: default.jbs Time: 15:24:30 Date: 06/07/2018 Version:

ID: Sample Name: testfiletestfile.txt Cookbook: default.jbs Time: 15:24:30 Date: 06/07/2018 Version: ID: 6045 Sample Name: testfiletestfile.txt Cookbook: default.jbs Time: 15:24:30 Date: 06/0/201 Version: 23.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection

More information

ID: Sample Name: quzpecasrh Cookbook: default.jbs Time: 16:55:54 Date: 07/10/2017 Version:

ID: Sample Name: quzpecasrh Cookbook: default.jbs Time: 16:55:54 Date: 07/10/2017 Version: ID: 3393 Sample Name: quzpecasrh Cookbook: default.jbs Time: 1:55:54 Date: 0//201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification

More information

ID: Sample Name: Payment_Remittance#.xps Cookbook: defaultwindowsofficecookbook.jbs Time: 01:35:46 Date: 20/09/2018 Version: 23.0.

ID: Sample Name: Payment_Remittance#.xps Cookbook: defaultwindowsofficecookbook.jbs Time: 01:35:46 Date: 20/09/2018 Version: 23.0. ID: 25 Sample Name: Payment_Remittance#.xps Cookbook: defaultwindowsofficecookbook.jbs Time: 01:35:4 Date: 20/09/201 Version: 23.0.0 Table of Contents Table of Contents Analysis Report Payment_Remittance#.xps

More information

ID: Sample Name: Serial.txt Cookbook: default.jbs Time: 02:59:20 Date: 07/05/2018 Version:

ID: Sample Name: Serial.txt Cookbook: default.jbs Time: 02:59:20 Date: 07/05/2018 Version: ID: 58133 Sample Name: Serial.txt Cookbook: default.jbs Time: 02:5:20 Date: 0/05/2018 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Sample Name: Coss, Daniel.vcf Cookbook: default.jbs Time: 15:16:47 Date: 21/06/2018 Version:

ID: Sample Name: Coss, Daniel.vcf Cookbook: default.jbs Time: 15:16:47 Date: 21/06/2018 Version: ID: 6467 Sample Name: Coss, Daniel.vcf Cookbook: default.jbs Time: 15:16:47 Date: 21/06/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Sample Name: Unconfirmed crdownload Cookbook: default.jbs Time: 22:58:07 Date: 08/11/2017 Version:

ID: Sample Name: Unconfirmed crdownload Cookbook: default.jbs Time: 22:58:07 Date: 08/11/2017 Version: ID: 80 Sample Name: Unconfirmed.crdownload Cookbook: default.jbs Time: 22:8:0 Date: 08/11/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection

More information

ID: Sample Name: Swift details.xls Cookbook: defaultwindowsofficecookbook.jbs Time: 17:14:48 Date: 21/06/2018 Version: 22.0.

ID: Sample Name: Swift details.xls Cookbook: defaultwindowsofficecookbook.jbs Time: 17:14:48 Date: 21/06/2018 Version: 22.0. ID: 64992 Sample Name: Swift details.xls Cookbook: defaultwindowsofficecookbook.jbs Time: 17::48 Date: 21/06/2018 Version: 22.0.0 Table of Contents Analysis Report Overview Information Detection Confidence

More information

ID: Cookbook: browseurl.jbs Time: 12:58:02 Date: 02/04/2018 Version:

ID: Cookbook: browseurl.jbs Time: 12:58:02 Date: 02/04/2018 Version: ID: 5253 Cookbook: browseurl.jbs Time: 12:5:02 Date: 02/04/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Sample Name: tesseract-ocrsetup exe. Cookbook: default.jbs Time: 16:44:15 Date: 12/02/2018 Version:

ID: Sample Name: tesseract-ocrsetup exe. Cookbook: default.jbs Time: 16:44:15 Date: 12/02/2018 Version: ID: 46161 Sample Name: tesseract-ocrsetup-3.05.01.exe Cookbook: default.jbs Time: 16:44:15 Date: 12/02/2018 Version: 20.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Sample Name: oq5wdjgk2r.exe Cookbook: default.jbs Time: 20:25:47 Date: 22/11/2017 Version:

ID: Sample Name: oq5wdjgk2r.exe Cookbook: default.jbs Time: 20:25:47 Date: 22/11/2017 Version: ID: 388 Sample Name: oq5wdjgk2r.exe Cookbook: default.jbs Time: 20:25:4 Date: 22/11/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Cookbook: browseurl.jbs Time: 17:39:02 Date: 22/03/2018 Version:

ID: Cookbook: browseurl.jbs Time: 17:39:02 Date: 22/03/2018 Version: ID: 5139 Cookbook: browseurl.jbs Time: 17:39:02 Date: 22/03/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Sample Name: lt.pak Cookbook: default.jbs Time: 12:40:34 Date: 26/07/2018 Version:

ID: Sample Name: lt.pak Cookbook: default.jbs Time: 12:40:34 Date: 26/07/2018 Version: ID: 90 Sample Name: lt.pak Cookbook: default.jbs Time: 12:40:4 Date: 2/0/201 Version: 2.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification

More information

ID: Sample Name: E DA5e8a0c01b.txt Cookbook: default.jbs Time: 15:35:01 Date: 18/04/2018 Version:

ID: Sample Name: E DA5e8a0c01b.txt Cookbook: default.jbs Time: 15:35:01 Date: 18/04/2018 Version: ID: 55401 Sample Name: E203182DA5e8a0c01b.txt Cookbook: default.jbs Time: 15:35:01 Date: 18/04/2018 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection

More information

ID: Sample Name: dialog.nvp Cookbook: default.jbs Time: 00:09:12 Date: 10/05/2018 Version:

ID: Sample Name: dialog.nvp Cookbook: default.jbs Time: 00:09:12 Date: 10/05/2018 Version: ID: 09 Sample Name: dialog.nvp Cookbook: default.jbs Time: 00:09:12 Date: 10/0/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Sample Name: NEW ORDER LIST.jar Cookbook: default.jbs Time: 10:19:47 Date: 19/02/2018 Version:

ID: Sample Name: NEW ORDER LIST.jar Cookbook: default.jbs Time: 10:19:47 Date: 19/02/2018 Version: ID: 47020 Sample Name: NEW ORDER LIST.jar Cookbook: default.jbs Time: :19:47 Date: 19/02/201 Version: 21.0.0 Table of Contents Table of Contents Analysis Report Overview Information Detection Confidence

More information

ID: Cookbook: browseurl.jbs Time: 13:10:41 Date: 01/04/2018 Version:

ID: Cookbook: browseurl.jbs Time: 13:10:41 Date: 01/04/2018 Version: ID: 52775 Cookbook: browseurl.jbs Time: 13:10:41 Date: 01/04/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Sample Name: ff2c8cadaa0fd8da6138cce6fce37e001f53a5d9ceccd67945b15ae273f4d751.evaljs.js Cookbook: default.jbs Time: 16:44:00 Date:

ID: Sample Name: ff2c8cadaa0fd8da6138cce6fce37e001f53a5d9ceccd67945b15ae273f4d751.evaljs.js Cookbook: default.jbs Time: 16:44:00 Date: ID: 33355 Sample Name: ff2c8cadaa0fd8da138ccefce3e001f53a5dceccd45b15ae23f4d51.evaljs.js Cookbook: default.jbs Time: 1:44:00 Date: 04//201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report

More information

ID: Sample Name: 21PO jpg...js Cookbook: default.jbs Time: 14:32:06 Date: 21/11/2017 Version:

ID: Sample Name: 21PO jpg...js Cookbook: default.jbs Time: 14:32:06 Date: 21/11/2017 Version: ID: 371 Sample Name: 21PO201745.jpg...js Cookbook: default.jbs Time: 14:32:0 Date: 21/11/2017 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview Information Detection Confidence

More information

ID: Sample Name: 11#Ucb#Uae#Uc4#Ube#Ue5#Ubb#UaafNOnOJTVYQ.exe Cookbook: default.jbs Time: 09:47:21 Date: 02/02/2018 Version: 20.0.

ID: Sample Name: 11#Ucb#Uae#Uc4#Ube#Ue5#Ubb#UaafNOnOJTVYQ.exe Cookbook: default.jbs Time: 09:47:21 Date: 02/02/2018 Version: 20.0. ID: 4457 Sample Name: #Ucb#Uae#Uc4#Ube#Ue5#Ubb#UaafNOnOJTVYQ.exe Cookbook: default.jbs Time: 09:47:21 Date: 02/02/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General

More information

ID: Cookbook: browseurl.jbs Time: 16:56:06 Date: 13/02/2018 Version:

ID: Cookbook: browseurl.jbs Time: 16:56:06 Date: 13/02/2018 Version: ID: 46296 Cookbook: browseurl.jbs Time: 16:56:06 Date: 13/02/2018 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Cookbook: urldownload.jbs Time: 16:41:45 Date: 23/06/2018 Version:

ID: Cookbook: urldownload.jbs Time: 16:41:45 Date: 23/06/2018 Version: ID: 52 Cookbook: urldownload.jbs Time: 1:41:45 Date: 23/0/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Signature

More information

ID: Sample Name: MacKeeper.dmg Cookbook: default.jbs Time: 11:09:32 Date: 02/06/2018 Version:

ID: Sample Name: MacKeeper.dmg Cookbook: default.jbs Time: 11:09:32 Date: 02/06/2018 Version: ID: 22 Sample Name: MacKeeper.dmg Cookbook: default.jbs Time: 11:0:2 Date: 02/0/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Cookbook: browseurl.jbs Time: 10:12:02 Date: 15/01/2018 Version:

ID: Cookbook: browseurl.jbs Time: 10:12:02 Date: 15/01/2018 Version: ID: 42670 Cookbook: browseurl.jbs Time: 10:12:02 Date: 15/01/2018 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Cookbook: browseurl.jbs Time: 15:46:38 Date: 29/03/2018 Version:

ID: Cookbook: browseurl.jbs Time: 15:46:38 Date: 29/03/2018 Version: ID: 52374 Cookbook: browseurl.jbs Time: 15:46:3 Date: 29/03/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Cookbook: urldownload.jbs Time: 19:53:36 Date: 07/03/2018 Version:

ID: Cookbook: urldownload.jbs Time: 19:53:36 Date: 07/03/2018 Version: ID: 49 Cookbook: urldownload.jbs Time: 19:: Date: 0/0/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice

More information

ID: Cookbook: urldownload.jbs Time: 22:26:00 Date: 30/12/2017 Version:

ID: Cookbook: urldownload.jbs Time: 22:26:00 Date: 30/12/2017 Version: ID: 41304 Cookbook: urldownload.jbs Time: 22:26:00 Date: 30/12/2017 Version: 20.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Signature Overview

More information

ID: Sample Name: binarydata Cookbook: default.jbs Time: 22:09:57 Date: 22/11/2017 Version:

ID: Sample Name: binarydata Cookbook: default.jbs Time: 22:09:57 Date: 22/11/2017 Version: ID: 88 Sample Name: binarydata Cookbook: default.jbs Time: 22:09: Date: 22/11/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification

More information

ID: Cookbook: browseurl.jbs Time: 22:12:09 Date: 17/11/2017 Version:

ID: Cookbook: browseurl.jbs Time: 22:12:09 Date: 17/11/2017 Version: ID: 37366 Cookbook: browseurl.jbs Time: 22:12:09 Date: 17/11/2017 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Sample Name: New invoice doc Cookbook: defaultwindowsofficecookbook.jbs Time: 21:49:06 Date: 07/11/2017 Version: 20.0.

ID: Sample Name: New invoice doc Cookbook: defaultwindowsofficecookbook.jbs Time: 21:49:06 Date: 07/11/2017 Version: 20.0. ID: 36381 Sample Name: New invoice 1385371761.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 21:4:06 Date: 07/11/2017 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview

More information

ID: Cookbook: urldownload.jbs Time: 16:10:39 Date: 07/12/2017 Version:

ID: Cookbook: urldownload.jbs Time: 16:10:39 Date: 07/12/2017 Version: ID: 94 Cookbook: urldownload.jbs Time: 1:10:9 Date: 0/12/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Signature

More information

ID: Sample Name: NALCsalaries.xls. Cookbook: defaultwindowsofficecookbook.jbs Time: 01:52:54 Date: 28/11/2017 Version: 20.0.

ID: Sample Name: NALCsalaries.xls. Cookbook: defaultwindowsofficecookbook.jbs Time: 01:52:54 Date: 28/11/2017 Version: 20.0. ID: 38383 Sample Name: NALCsalaries.xls Cookbook: defaultwindowsofficecookbook.jbs Time: 01:52:54 Date: 28/11/2017 Version: 20.0.0 Table of Contents Analysis Report Overview Information Detection Confidence

More information

ID: Cookbook: browseurl.jbs Time: 14:46:55 Date: 31/08/2018 Version:

ID: Cookbook: browseurl.jbs Time: 14:46:55 Date: 31/08/2018 Version: ID: 74919 Cookbook: browseurl.jbs Time: 14:46:55 Date: 31/08/2018 Version: 23.0.0 Table of Contents Table of Contents Analysis Report http://tiny.cc/34aqxy Overview General Information Detection Confidence

More information

ID: Sample Name:._k.php Cookbook: default.jbs Time: 05:41:18 Date: 25/04/2018 Version:

ID: Sample Name:._k.php Cookbook: default.jbs Time: 05:41:18 Date: 25/04/2018 Version: ID: 2 Sample Name:._k.php Cookbook: default.jbs Time: 0:41:1 Date: 2/04/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification

More information

ID: Sample Name: 2015 preliminary FL_Sales_by_country_segment_ACT_CHF_rates_V01 (2).xlsm Cookbook: defaultwindowsofficecookbook.

ID: Sample Name: 2015 preliminary FL_Sales_by_country_segment_ACT_CHF_rates_V01 (2).xlsm Cookbook: defaultwindowsofficecookbook. ID: 54290 Sample Name: 2015 preliminary FL_Sales_by_country_segment_ACT_CHF_rates_V01 (2).xlsm Cookbook: defaultwindowsofficecookbook.jbs Time: 08:06:24 Date: 12/04/2018 Version: 22.0.0 Table of Contents

More information

ID: Cookbook: urldownload.jbs Time: 20:47:24 Date: 09/12/2017 Version:

ID: Cookbook: urldownload.jbs Time: 20:47:24 Date: 09/12/2017 Version: ID: 0 Cookbook: urldownload.jbs Time: 20:4:24 Date: 0/12/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Sample Name: NALCsalaries.xls. Cookbook: defaultwindowsofficecookbook.jbs Time: 01:48:06 Date: 28/11/2017 Version: 20.0.

ID: Sample Name: NALCsalaries.xls. Cookbook: defaultwindowsofficecookbook.jbs Time: 01:48:06 Date: 28/11/2017 Version: 20.0. ID: 38383 Sample Name: NALCsalaries.xls Cookbook: defaultwindowsofficecookbook.jbs Time: 01:48:06 Date: 28/11/2017 Version: 20.0.0 Table of Contents Analysis Report Overview Information Detection Confidence

More information

ID: Cookbook: urldownload.jbs Time: 20:09:25 Date: 13/06/2018 Version:

ID: Cookbook: urldownload.jbs Time: 20:09:25 Date: 13/06/2018 Version: ID: 3923 Cookbook: urldownload.jbs Time: 20:09:25 Date: 13/0/201 Version: 22.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature

More information

ID: Cookbook: browseurl.jbs Time: 15:48:15 Date: 29/03/2018 Version:

ID: Cookbook: browseurl.jbs Time: 15:48:15 Date: 29/03/2018 Version: ID: 52376 Cookbook: browseurl.jbs Time: 15:4:15 Date: 29/03/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Sample Name: NALCsalaries.xls. Cookbook: defaultwindowsofficecookbook.jbs Time: 01:50:14 Date: 28/11/2017 Version: 20.0.

ID: Sample Name: NALCsalaries.xls. Cookbook: defaultwindowsofficecookbook.jbs Time: 01:50:14 Date: 28/11/2017 Version: 20.0. ID: 38381 Sample Name: NALCsalaries.xls Cookbook: defaultwindowsofficecookbook.jbs Time: 01:50: Date: 28/11/2017 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview Information

More information

ID: Sample Name: 2015 preliminary FL_Sales_by_country_segment_ACT_CHF_rates_V01 (2).xlsm Cookbook: defaultwindowsofficecookbook.

ID: Sample Name: 2015 preliminary FL_Sales_by_country_segment_ACT_CHF_rates_V01 (2).xlsm Cookbook: defaultwindowsofficecookbook. ID: 54290 Sample Name: 2015 preliminary FL_Sales_by_country_segment_ACT_CHF_rates_V01 (2).xlsm Cookbook: defaultwindowsofficecookbook.jbs Time: 08:01:26 Date: 12/04/2018 Version: 22.0.0 Table of Contents

More information

ID: Cookbook: browseurl.jbs Time: 20:27:59 Date: 16/03/2018 Version:

ID: Cookbook: browseurl.jbs Time: 20:27:59 Date: 16/03/2018 Version: ID: 50646 Cookbook: browseurl.jbs Time: 20:27:59 Date: 16/03/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Cookbook: browseurl.jbs Time: 16:58:45 Date: 04/06/2018 Version:

ID: Cookbook: browseurl.jbs Time: 16:58:45 Date: 04/06/2018 Version: ID: 62529 Cookbook: browseurl.jbs Time: 16:58:45 Date: 04/06/2018 Version: 22.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature

More information

ID: Cookbook: browseurl.jbs Time: 11:59:06 Date: 14/05/2018 Version:

ID: Cookbook: browseurl.jbs Time: 11:59:06 Date: 14/05/2018 Version: ID: 5945 Cookbook: browseurl.jbs Time: 11:59:06 Date: 14/05/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Cookbook: browseurl.jbs Time: 07:02:50 Date: 27/03/2018 Version:

ID: Cookbook: browseurl.jbs Time: 07:02:50 Date: 27/03/2018 Version: ID: 51900 Cookbook: browseurl.jbs Time: 07:02:50 Date: 27/03/2018 Version: 22.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Signature Overview Networking:

More information

ID: Cookbook: urldownload.jbs Time: 20:31:22 Date: 09/08/2018 Version:

ID: Cookbook: urldownload.jbs Time: 20:31:22 Date: 09/08/2018 Version: ID: 153 Cookbook: urldownload.jbs Time: 20:31:22 Date: 09/0/201 Version: 23.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature

More information

ID: Cookbook: browseurl.jbs Time: 13:46:19 Date: 09/05/2018 Version:

ID: Cookbook: browseurl.jbs Time: 13:46:19 Date: 09/05/2018 Version: ID: 5702 Cookbook: browseurl.jbs Time: 13:46:19 Date: 09/05/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Sample Name: fly.jse Cookbook: default.jbs Time: 18:17:26 Date: 11/11/2017 Version:

ID: Sample Name: fly.jse Cookbook: default.jbs Time: 18:17:26 Date: 11/11/2017 Version: ID: 371 Sample Name: fly.jse Cookbook: default.jbs Time: 1:17:2 Date: 11/11/2017 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview Information Detection Confidence Classification

More information

ID: Cookbook: urldownload.jbs Time: 23:23:00 Date: 11/01/2018 Version:

ID: Cookbook: urldownload.jbs Time: 23:23:00 Date: 11/01/2018 Version: ID: 42417 Cookbook: urldownload.jbs Time: 23:23:00 Date: 11/01/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Signature

More information

ID: Cookbook: browseurl.jbs Time: 20:56:26 Date: 03/07/2018 Version:

ID: Cookbook: browseurl.jbs Time: 20:56:26 Date: 03/07/2018 Version: ID: 66665 Cookbook: browseurl.jbs Time: 20:56:26 Date: 03/07/2018 Version: 23.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature

More information

ID: Cookbook: urldownload.jbs Time: 02:55:04 Date: 01/02/2018 Version:

ID: Cookbook: urldownload.jbs Time: 02:55:04 Date: 01/02/2018 Version: ID: 4441 Cookbook: urldownload.jbs Time: 02:55:04 Date: 01/02/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Signature

More information

ID: Sample Name: 2.bin Cookbook: defaultwindowsofficecookbook.jbs Time: 14:00:56 Date: 17/06/2018 Version:

ID: Sample Name: 2.bin Cookbook: defaultwindowsofficecookbook.jbs Time: 14:00:56 Date: 17/06/2018 Version: ID: 64333 Sample Name: 2.bin Cookbook: defaultwindowsofficecookbook.jbs Time: 14:00:56 Date: 17/06/2018 Version: 22.0.0 Table of Contents Analysis Report Overview Information Detection Confidence Classification

More information

ID: Cookbook: browseurl.jbs Time: 20:04:11 Date: 14/06/2018 Version:

ID: Cookbook: browseurl.jbs Time: 20:04:11 Date: 14/06/2018 Version: ID: 64085 Cookbook: browseurl.jbs Time: 20:04:11 Date: 14/06/2018 Version: 22.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature

More information

ID: Cookbook: urldownload.jbs Time: 08:25:02 Date: 29/10/2018 Version: Fire Opal

ID: Cookbook: urldownload.jbs Time: 08:25:02 Date: 29/10/2018 Version: Fire Opal ID: Cookbook: urldownload.jbs Time: 0:25:02 Date: 29//201 Version: 24.0.0 Fire Opal Table of Contents Table of Contents Analysis Report http://15.1..14/neko.sh Overview General Information Detection Confidence

More information

ID: Cookbook: urldownload.jbs Time: 19:58:34 Date: 02/05/2018 Version:

ID: Cookbook: urldownload.jbs Time: 19:58:34 Date: 02/05/2018 Version: ID: 57706 Cookbook: urldownload.jbs Time: 19:5:34 Date: 02/05/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Cookbook: browseurl.jbs Time: 23:36:16 Date: 10/04/2018 Version:

ID: Cookbook: browseurl.jbs Time: 23:36:16 Date: 10/04/2018 Version: ID: 54075 Cookbook: browseurl.jbs Time: 23:36:16 Date: 10/04/2018 Version: 22.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature

More information

ID: Cookbook: urldownload.jbs Time: 22:46:20 Date: 19/02/2018 Version:

ID: Cookbook: urldownload.jbs Time: 22:46:20 Date: 19/02/2018 Version: ID: 4706 Cookbook: urldownload.jbs Time: 22:46:20 Date: 1/02/201 Version: 21.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Signature

More information

ID: Sample Name: MobaXterm_installer_10.5.msi Cookbook: defaultwindowsmsicookbook.jbs Time: 18:29:36 Date: 25/05/2018 Version: 22.0.

ID: Sample Name: MobaXterm_installer_10.5.msi Cookbook: defaultwindowsmsicookbook.jbs Time: 18:29:36 Date: 25/05/2018 Version: 22.0. ID: 61258 Sample Name: MobaXterm_installer_10.5.msi Cookbook: defaultwindowsmsicookbook.jbs Time: 18:29:36 Date: 25/05/2018 Version: 22.0.0 Table of Contents Analysis Report Overview Information Detection

More information

ID: Sample Name: PO SP- R BACKORDERED ITEMS.doc Cookbook: default.jbs Time: 21:49:47 Date: 28/09/2017 Version: 20.0.

ID: Sample Name: PO SP- R BACKORDERED ITEMS.doc Cookbook: default.jbs Time: 21:49:47 Date: 28/09/2017 Version: 20.0. ID: 32973 Sample Name: 112 PO SP- R100007-3 BACKORDERED ITEMS.doc Cookbook: default.jbs Time: 21:49:47 Date: 2/09/2017 Version: 20.0.0 Table of Contents Analysis Report Overview Information Detection Confidence

More information

ID: Sample Name: modulecheck.js Cookbook: default.jbs Time: 17:46:31 Date: 01/02/2018 Version:

ID: Sample Name: modulecheck.js Cookbook: default.jbs Time: 17:46:31 Date: 01/02/2018 Version: ID: 44491 Sample Name: modulecheck.js Cookbook: default.jbs Time: 17:4:31 Date: 01/02/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Cookbook: browseurl.jbs Time: 18:05:31 Date: 26/12/2017 Version:

ID: Cookbook: browseurl.jbs Time: 18:05:31 Date: 26/12/2017 Version: ID: 41000 Cookbook: browseurl.jbs Time: 1:05:31 Date: 26/12/2017 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Cookbook: browseurl.jbs Time: 18:45:10 Date: 08/10/2018 Version: Fire Opal

ID: Cookbook: browseurl.jbs Time: 18:45:10 Date: 08/10/2018 Version: Fire Opal ID: 82913 Cookbook: browseurl.jbs Time: 18:45:10 Date: 08/10/2018 Version: 24.0.0 Fire Opal Table of Contents Table of Contents Analysis Report http://www.learningtoolkit.club Overview General Information

More information

ID: Cookbook: browseurl.jbs Time: 00:46:14 Date: 03/07/2018 Version:

ID: Cookbook: browseurl.jbs Time: 00:46:14 Date: 03/07/2018 Version: ID: 66523 Cookbook: browseurl.jbs Time: 00:46:14 Date: 03/07/2018 Version: 23.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Cookbook: urldownload.jbs Time: 18:48:38 Date: 19/06/2018 Version:

ID: Cookbook: urldownload.jbs Time: 18:48:38 Date: 19/06/2018 Version: ID: 64646 Cookbook: urldownload.jbs Time: 1:4:3 Date: 19/06/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Signature

More information

ID: Sample Name: Request.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 15:59:16 Date: 22/11/2017 Version:

ID: Sample Name: Request.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 15:59:16 Date: 22/11/2017 Version: ID: 37845 Sample Name: Request.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 15:59:16 Date: 22/11/2017 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview Information Detection

More information

ID: Cookbook: urldownload.jbs Time: 11:39:45 Date: 07/04/2018 Version:

ID: Cookbook: urldownload.jbs Time: 11:39:45 Date: 07/04/2018 Version: ID: 53619 Cookbook: urldownload.jbs Time: 11:39:45 Date: 07/04/2018 Version: 22.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature

More information

ID: Sample Name: scan00.html Cookbook: default.jbs Time: 22:21:27 Date: 16/12/2017 Version:

ID: Sample Name: scan00.html Cookbook: default.jbs Time: 22:21:27 Date: 16/12/2017 Version: ID: 40269 Sample Name: scan00.html Cookbook: default.jbs Time: 22:21:27 Date: 16/12/2017 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Sample Name: DOCS.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 16:07:38 Date: 06/02/2018 Version:

ID: Sample Name: DOCS.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 16:07:38 Date: 06/02/2018 Version: ID: 45263 Sample Name: DOCS.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 16:07:38 Date: 06/02/2018 Version: 20.0.0 Table of Contents Analysis Report Overview Information Detection Confidence Classification

More information

ID: Cookbook: browseurl.jbs Time: 20:07:02 Date: 11/07/2018 Version:

ID: Cookbook: browseurl.jbs Time: 20:07:02 Date: 11/07/2018 Version: ID: 67658 Cookbook: browseurl.jbs Time: 20:07:02 Date: 11/07/2018 Version: 23.0.0 Table of Contents Analysis Report Overview Information Detection Confidence Classification Analysis Advice Signature Overview

More information

ID: Sample Name: meterpreter64bit.exe Cookbook: default.jbs Time: 16:01:45 Date: 24/11/2017 Version:

ID: Sample Name: meterpreter64bit.exe Cookbook: default.jbs Time: 16:01:45 Date: 24/11/2017 Version: ID: 0 Sample Name: meterpreter4bit.exe Cookbook: default.jbs Time: 1:01:4 Date: 24/11/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Cookbook: browseurl.jbs Time: 14:05:23 Date: 30/07/2018 Version:

ID: Cookbook: browseurl.jbs Time: 14:05:23 Date: 30/07/2018 Version: ID: 70096 Cookbook: browseurl.jbs Time: 14:05:23 Date: 30/07/2018 Version: 23.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature

More information

ID: Cookbook: browseurl.jbs Time: 20:07:43 Date: 27/09/2018 Version:

ID: Cookbook: browseurl.jbs Time: 20:07:43 Date: 27/09/2018 Version: ID: 80599 Cookbook: browseurl.jbs Time: 20:07:43 Date: 27/09/2018 Version: 23.0.0 Table of Contents Table of Contents Analysis Report http://www.qbproadvisorshelp.com Overview General Information Detection

More information

ID: Cookbook: browseurl.jbs Time: 19:21:50 Date: 15/10/2017 Version:

ID: Cookbook: browseurl.jbs Time: 19:21:50 Date: 15/10/2017 Version: ID: 34266 Cookbook: browseurl.jbs Time: 19:21:50 Date: 15/10/2017 Version: 20.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature

More information

ID: Sample Name: process.0xfffffa8004b x dmp Cookbook: default.jbs Time: 22:45:59 Date: 02/12/2017 Version: 20.0.

ID: Sample Name: process.0xfffffa8004b x dmp Cookbook: default.jbs Time: 22:45:59 Date: 02/12/2017 Version: 20.0. ID: 38941 Sample Name: process.0xfffffa8004b120.0x480000.dmp Cookbook: default.jbs Time: 22:4:9 Date: 02/12/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information

More information

ID: Sample Name: DOC doc Cookbook: defaultwindowsofficecookbook.jbs Time: 21:15:25 Date: 20/11/2018 Version: 24.0.

ID: Sample Name: DOC doc Cookbook: defaultwindowsofficecookbook.jbs Time: 21:15:25 Date: 20/11/2018 Version: 24.0. ID: 92237 Sample Name: DOC- 767373.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 21:15:25 Date: 20/11/201 Version: 24.0.0 Fire Opal Table of Contents Table of Contents Analysis Report DOC-767373.doc

More information

ID: Sample Name: Liste1.jar Cookbook: default.jbs Time: 23:20:23 Date: 02/11/2017 Version:

ID: Sample Name: Liste1.jar Cookbook: default.jbs Time: 23:20:23 Date: 02/11/2017 Version: ID: 35936 Sample Name: Liste1.jar Cookbook: default.jbs Time: 23:20:23 Date: 02/11/2017 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information
2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback