word-embeddings-oleobject1.bin — malware analysis report

File info

Filename: word-embeddings-oleobject1.bin
File type: Composite Document File V2 Document, Cannot read section info
File size: 11.5 KB
First seen:
Last seen:

Environment

win7/x86 en

Hashes

SHA1: 73176ca04c5e1348e9ca58cf6303ed522dad78b3
SHA256: 82eb099e9013d5375c7cd62c7e062610e1975e797427c7f3a3f5b081e7cae9cf
MD5: 54dd74bf6a4672122e9bba609f299af6

Signatures

Execution

T1059.005 bad_vbs: Suspicious VBScript file

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process
T1497.001 antisandbox_script_timer: Detected script timer window (indicative of sleep style evasion)

Discovery

T1497.001 antisandbox_script_timer: Detected script timer window (indicative of sleep style evasion)

Other

yara_rules: Static rules
no_graphical_activity: No graphic activity
message_box: Displays a message
error_drawtext: An error occurred while executing the file
checktokenmembership: Checks user token with CheckTokenMembership call