Sample name: | #U8d77#U8bc9#U6750#U6599#U548c#U501f#U6b3e#U8bc1#U636e.docx.exe (renamed because original name is a hash value) |
Original sample name: | .docx.exe |
Analysis ID: | 1533050 |
MD5: | daf21b9d206ce16fc3bd087abd0c6389 |
SHA1: | 76c67b3413830e45b0a5d938fb7976d47da10579 |
SHA256: | a62c290374a53ae0e30ba18422ead75f2a271a4b58cd6204940112364246d7ac |
Infos: | |
Score: | 80 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
HackBrowserData | Browser information stealer, written in Go. | No Attribution | | |
AV Detection |
---|
Source: |
ReversingLabs: |
Source: |
Virustotal: |
Perma Link |
Source: |
Integrated Neural Analysis Model: |
Source: |
Static PE information: |
Networking |
---|
Source: |
Network traffic detected: |
Source: |
TCP traffic: |
Source: |
TCP traffic detected without corresponding DNS query: |
Source: |
HTTP traffic detected: |