File 6ff88255226a7f0de338e8383904a6fd8af5eb630c28ae6846b107de41fa22ef Summary
Like

Analyse score

0 / 14

No antivirus venders flagged
this file as malicious

Last scanned

First submission

File type

xlsx

xlsx

Basic properties

CRC32

0x4e86224c

MD5

248cd700a82449f4b0d107e6a934ae2b

Magic

Microsoft Excel 2007+

SHA1

d1763d827d614ddd6f3ca046ec6d1cf880f4dc25

SHA256

6ff88255226a7f0de338e8383904a6fd8af5eb630c28ae6846b107de41fa22ef

SHA512

c5755cc015b3e6aa30ce1c87c05a7712fc7939f57d7d470025a50c8d280ad53d97701f34b85b8f9300652989720915ccac28a22925e73ea48455116f37c31746

SSDeep

384:YlbZERmunyjfOOTXC6ACMYMx3pF5dBwDVfJZKTvazDpzQ:OdunyXXC6jzqTKVxZ7zDC

Size

14.91KB

Packer
  • Binary: archive: Zip(1.0)[20.4%,10 files,6 dirs]
TrID
  • 60.1% (.XLSX) Excel Microsoft Office Open XML Format document (34000/1/7)
  • 30.9% (.ZIP) Open Packaging Conventions container (17500/1/4)
  • 7.0% (.ZIP) ZIP compressed archive (4000/1)
  • 1.7% (.PG/BIN) PrintFox/Pagefox bitmap (640x800) (1000/1)

ExifTool File Metadata

ExifToolVersionNumber

12.64

FileSize

15 kB

FileType

ZIP

FileTypeExtension

zip

MimeType

application/zip

Warning

[minor] Use the Duplicates option to extract tags for all 16 files

ZipBitFlag

0

ZipCompressedSize

345

ZipCompression

Deflated

ZipCrc

0x09c0db91

ZipFileName

[Content_Types].xml

ZipRequiredVersion

10

ZipUncompressedSize

1264

Show all

Submissions

Published Name Source Country
Emotet+Trickbot_comparison.xlsx web undefined

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!