a1eb07454ea5adab102dea131a43042b47ab37320077a33c28988f40a7e23d4e

General
Target

a1eb07454ea5adab102dea131a43042b47ab37320077a33c28988f40a7e23d4e

Filesize

N/A

Completed

21-01-2020 16:34

Score
1 /10
SHA256

a1eb07454ea5adab102dea131a43042b47ab37320077a33c28988f40a7e23d4e

Malware Config
Signatures 3

Filter: none

  • Suspicious behavior: AddClipboardFormatListener
    EXCEL.EXE

    Reported IOCs

    pidprocess
    1448EXCEL.EXE
  • Suspicious use of SetWindowsHookEx
    EXCEL.EXE

    Reported IOCs

    pidprocess
    1448EXCEL.EXE
  • Suspicious behavior: GetForegroundWindowSpam
    EXCEL.EXE

    Reported IOCs

    pidprocess
    1448EXCEL.EXE
Processes 1
  • C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
    "C:\Program Files\Microsoft Office\Office14\EXCEL.EXE" /dde C:\Users\Admin\AppData\Local\Temp\a1eb07454ea5adab102dea131a43042b47ab37320077a33c28988f40a7e23d4e.xls
    Suspicious behavior: AddClipboardFormatListener
    Suspicious use of SetWindowsHookEx
    Suspicious behavior: GetForegroundWindowSpam
    PID:1448
Network
MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Replay Monitor
                          00:00 00:00
                          Downloads

                          • memory/1448-0-0x0000000005D50000-0x0000000005D54000-memory.dmp

                            Download